2 matches found
CVE-2022-2542
The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This make...
CVE-2022-2542
The CVE-2022-2542 entry concerns the WordPress uContext for Clickbank plugin (versions up to and including 3.9.1). The vulnerability is a Cross-Site Request Forgery (CSRF) that can lead to Cross-Site Scripting (XSS) due to missing nonce validation in the file ~/app/sites/ajax/actions/keyword_save...