Lucene search
WPScanCVELIST:CVE-2022-1653HistoryJun 27, 2022 - 8:57 a.m.
CVE-2022-1653 Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
2022-06-2708:57:22
CWE-352
WPScan
www.cve.org
3
cve-2022-1653
supsystic
wordpress
csrf
plugin
vulnerability
ajax
admin pages
attacker
The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in itβs ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks.
CNA Affected
[
{
"product": "Social Share Buttons by Supsystic",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.2.4",
"status": "affected",
"version": "2.2.4",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress Social Share Buttons by Supsystic pluginθ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2022-06-30 00:00:00
cve
cve
CVE-2022-1653
2022-06-27 09:15:09
nvd
nvd
CVE-2022-1653
2022-06-27 09:15:09
prion
prion
Cross site request forgery (csrf)
2022-06-27 09:15:00
wpvulndb
wpvulndb
Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
2022-06-01 00:00:00
patchstack
patchstack
wpexploit
wpexploit
Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF
2022-06-01 00:00:00