2 matches found
CVE-2022-3154
The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in...
CVE-2022-3154
CVE-2022-3154 affects multiple WordPress plugins related to Billingo integration: Woo Billingo Plus (pre-4.4.5.4), Integration for Billingo & Gravity Forms (pre-1.0.4), and Integration for Szamlazz.hu & Gravity Forms (pre-1.2.7). The root cause is lack of CSRF checks in various AJAX actions, enab...