Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:15 p.m.7 views

CVE-2022-3883

The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress....

6.5CVSS6.7AI score0.00327EPSS
Exploits2References1
Circl
Circl
added 2022/12/12 8:21 p.m.5 views

CVE-2022-3883

creationtimestamp| type| source ---|---|--- 2022-12-12 20:21:04+00:00| seen| https://t.me/cibsecurity/54341...

6.5CVSS6.3AI score0.00327EPSS
Exploits2References1
OSV
OSV
added 2022/12/12 6:15 p.m.6 views

CVE-2022-3883

The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress....

6.5CVSS5.9AI score0.00327EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/12/12 5:54 p.m.9 views

CVE-2022-3883 StopBadBots < 7.24 - Subscriber+ Arbitrary Plugin Installation

The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress....

7AI score0.00327EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/12/12 5:54 p.m.34 views

CVE-2022-3883 StopBadBots < 7.24 - Subscriber+ Arbitrary Plugin Installation

The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 7.24 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress....

6.6AI score0.00327EPSS
Exploits2References1
CVE
CVE
added 2022/12/12 5:54 p.m.60 views

CVE-2022-3883

CVE-2022-3883 describes a vulnerability in the WordPress StopBadBots/Block Bad Bots plugin prior to v7.24 where an AJAX action lacks proper authorization and CSRF checks. This allows any authenticated user (e.g., a subscriber) to trigger the action and install/activate arbitrary plugins from word...

6.5CVSS6.4AI score0.00327EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder