2 matches found
CVE-2022-1653 Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks...
CVE-2022-1653
The CVE-2022-1653 entry refers to the WordPress plugin Social Share Buttons by Supsystic (versions prior to 2.2.4). The concrete details in connected sources confirm a CSRF flaw where the plugin does not perform CSRF checks on AJAX endpoints and admin pages, enabling an attacker to trick a logged...