53 matches found
PT-2022-15439 · WordPress · Counter Box
Name of the Vulnerable Software and Affected Versions: The Counter Box WordPress plugin versions prior to 1.2.1 Description: The issue is related to a lack of CSRF check when activating and deactivating counters. This could allow attackers to make a logged-in admin perform such actions via CSRF...
Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF
The plugin is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks PoC https://example.com/wp-admin/admin.php?page=counter-box=1=activate...
Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF
The plugin is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks https://example.com/wp-admin/admin.php?page=counter-box&id=1&action=activate...
CVE-2022-29446
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...
CVE-2022-29446
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...
Design/Logic Flaw
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...
CVE-2022-29446 WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...
CVE-2022-29446
CVE-2022-29446 describes an authenticated Local File Inclusion (LFI) vulnerability in Wow-Company’s WordPress Counter Box plugin, versions
CVE-2022-29446 WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...
WordPress plugin Counter Box 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Counter Box plugin is vulnerable to a local file inclusion vulnerability that stems from a lack of...
CVE-2022-29446
Authenticated administrator or higher role Local File Inclusion LFI vulnerability in Wow-Company's Counter Box plugin = 1.1.1 at WordPress...
WordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerability
Authenticated Local File Inclusion LFI vulnerability discovered by 0xB9 Patchstack Alliance in WordPress Counter Box plugin versions = 1.1.1. Solution Update the WordPress Counter Box plugin to the latest available version at least 1.2...
Counter Box < 1.2 - Admin+ LFI
The plugin does not properly validate the current tab used before generating a path and using it in an include statement, which could lead to LFI...