4 matches found
CVE-2022-3082
The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example...
CVE-2022-3082 miniOrange Discord Integration < 2.1.6 - Subscriber+ App Disabling
The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example...
CVE-2022-3082
CVE-2022-3082 affects the miniOrange Discord Integration WordPress plugin, versions prior to 2.1.6. The issue is insufficient authorization and CSRF protection in certain AJAX actions, allowing any logged-in user (e.g., subscribers) to invoke these actions and potentially disable the app. The doc...
CVE-2022-3082 miniOrange Discord Integration < 2.1.6 - Subscriber+ App Disabling
The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example...