3 matches found
CVE-2022-2260
creationtimestamp| type| source ---|---|--- 2022-08-01 16:17:05+00:00| seen| https://t.me/cibsecurity/47324 2023-12-11 14:22:00+00:00| seen| https://t.me/arpsyndicate/1753...
CVE-2022-2260
The CVE-2022-2260 entry concerns the GiveWP WordPress plugin (versions prior to 2.21.3) with CSRF protection missing when exporting data and unvalidated export parameters (e.g., dates). This can allow a logged-in admin to cause a DoS by the plugin repeatedly querying the database, overwhelming CP...
CVE-2022-2260 GiveWP < 2.21.3 - DoS via CSRF
The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the...