3 matches found
CVE-2022-3098
creationtimestamp| type| source ---|---|--- 2022-09-26 16:22:07+00:00| seen| https://t.me/cibsecurity/50484 2025-05-22 14:44:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17286...
CVE-2022-3098 Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF
The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2022-3098
The CVE-2022-3098 entry describes a CSRF vulnerability in the WordPress plugin Login Block IPs, affecting version 1.0.0 and earlier. The issue stems from the plugin not performing a CSRF check when updating its settings, which could allow a logged-in administrator to have their settings changed v...