CVE-2022-1694

The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form...

CVE-2022-1694

The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form...

CVE-2022-1694

The CVE-2022-1694 entry concerns the WordPress plugin Useful Banner Manager (versions ≤ 1.6.1). The connected sources confirm a CSRF vulnerability on POST requests to the plugin’s admin page, enabling an attacker to trick a logged-in administrator into adding, modifying, or deleting banners. The ...

WordPress plugin Useful Banner Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Useful Banner Manager plugin version 1.6.1 and earlier versions are vulnerable to cross-site reques...

WordPress Useful Banner Manager plugin <= 1.6.1 - Modify banners via Cross-Site Request Forgery (CSRF) vulnerability

Modify banners via Cross-Site Request Forgery CSRF vulnerability discovered by Daniel Ruf in WordPress Useful Banner Manager plugin versions = 1.6.1. Solution Deactivate and delete. This plugin has been closed as of May 12, 2022 and is not available for download. This closure is temporary, pendin...

Useful Banner Manager <= 1.6.1 - Modify banners via CSRF

The plugin does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form. document.getElementById"test".submit;...