3 matches found
CVE-2022-2172
The LinkWorth WordPress plugin before 3.3.4 does not implement nonce checks, which could allow attackers to make a logged in admin change settings via a CSRF attack...
CVE-2022-2172 LinkWorth Plugin < 3.3.4 - Arbitrary Setting Update via CSRF
The LinkWorth WordPress plugin before 3.3.4 does not implement nonce checks, which could allow attackers to make a logged in admin change settings via a CSRF attack...
CVE-2022-2172
CVE-2022-2172 affects the LinkWorth WordPress plugin prior to version 3.3.4. Root cause: absence of nonce checks enables CSRF, allowing a logged-in administrator to change settings via forged requests. Impact: arbitrary setting changes by an attacker with admin access. Affected product/version: L...