CVE-2022-1663
CVE-2022-1663 describes an information-disclosure/credential-bypass issue in the WordPress Stop Spam Comments plugin (versions ≤ 0.2.1.2). The vulnerability stems from improper generation of the Javascript access token (ssc_key) intended to prevent abuse of the comment section, allowing an attack...