2 matches found
CVE-2022-36388 WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
CVE-2022-36388
CVE-2022-36388 : A CSRF vulnerability exists in the WordPress plugin “YDS Support Ticket System” up to version 1.0. The root cause is insufficient CSRF validation in the plugin, allowing an attacker to trick an authenticated user into performing unwanted actions. Reported CVSS v3.1 base metrics i...