Lucene search
K

53 matches found

Positive Technologies
Positive Technologies
added 2022/08/01 12:0 a.m.6 views

PT-2022-15439 · WordPress · Counter Box

Name of the Vulnerable Software and Affected Versions: The Counter Box WordPress plugin versions prior to 1.2.1 Description: The issue is related to a lack of CSRF check when activating and deactivating counters. This could allow attackers to make a logged-in admin perform such actions via CSRF...

8.8CVSS8.5AI score0.00443EPSS
Exploits2References4
WPVulnDB
WPVulnDB
added 2022/07/08 12:0 a.m.21 views

Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF

The plugin is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks PoC https://example.com/wp-admin/admin.php?page=counter-box=1=activate...

8.8CVSS4AI score0.00443EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/07/08 12:0 a.m.220 views

Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF

The plugin is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks https://example.com/wp-admin/admin.php?page=counter-box&id=1&action=activate...

8.8CVSS4.4AI score0.00443EPSS
Exploits2
OSV
OSV
added 2022/05/19 4:15 p.m.6 views

CVE-2022-29446

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

7.2CVSS5.8AI score0.00979EPSS
Exploits0References2
NVD
NVD
added 2022/05/19 4:15 p.m.19 views

CVE-2022-29446

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

7.2CVSS0.00979EPSS
Exploits0References2
Prion
Prion
added 2022/05/19 4:15 p.m.19 views

Design/Logic Flaw

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

4CVSS6.9AI score0.00979EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/05/19 3:14 p.m.9 views

CVE-2022-29446 WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

6.8CVSS6.7AI score0.00979EPSS
Exploits0References2
CVE
CVE
added 2022/05/19 3:14 p.m.83 views

CVE-2022-29446

CVE-2022-29446 describes an authenticated Local File Inclusion (LFI) vulnerability in Wow-Company’s WordPress Counter Box plugin, versions

7.2CVSS6.8AI score0.00979EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/05/19 3:14 p.m.19 views

CVE-2022-29446 WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

6.8CVSS7.2AI score0.00979EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/19 12:0 a.m.6 views

WordPress plugin Counter Box 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Counter Box plugin is vulnerable to a local file inclusion vulnerability that stems from a lack of...

7.2CVSS7AI score0.00979EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/05/16 1:55 p.m.4 views

CVE-2022-29446

Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...

7.2CVSS7AI score0.00979EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/05/16 12:0 a.m.38 views

WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated Local File Inclusion LFI vulnerability discovered by 0xB9 Patchstack Alliance in WordPress Counter Box plugin versions = 1.1.1. Solution Update the WordPress Counter Box plugin to the latest available version at least 1.2...

7.2CVSS3.6AI score0.00979EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/16 12:0 a.m.14 views

Counter Box < 1.2 - Admin+ LFI

The plugin does not properly validate the current tab used before generating a path and using it in an include statement, which could lead to LFI...

7.2CVSS1.5AI score0.00979EPSS
Exploits0Affected Software1
Rows per page
Query Builder