wpexploit
Raad Haddad of Cloudyrion GmbH
WPEX-ID: 33705003-1F82-4B0C-9B4B-D4DE75DA309C
Jul 08, 2022 - 12:00 a.m.

Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF

Tags: csrf, counter box, activation/deactivation, exploit

EPSS: 0.001 (percentile: 43.4%)

The plugin lacks a CSRF check when activating and deactivating counters, which could allow attackers to make a logged-in admin perform such actions via CSRF attacks.

https://example.com/wp-admin/admin.php?page=counter-box&id=1&action=activate
https://example.com/wp-admin/admin.php?page=counter-box&id=1&action=deactivate
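
One way a handler for these requests can enforce the missing check with WordPress nonces, shown as an added example that is not Counter Box's own code. The `cbx_example_*` names, the `manage_options` capability and the option used for storage are assumptions.

```php
<?php
// Added illustration: hypothetical handler names, not Counter Box's own code.
// Intended to run inside a WordPress plugin file; add_query_arg, wp_nonce_url,
// check_admin_referer, current_user_can etc. are WordPress core functions.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

// Build the activate/deactivate link with a nonce bound to the action and counter id.
function cbx_example_toggle_url( $id, $action ) {
    $id  = absint( $id );
    $url = add_query_arg(
        array( 'page' => 'counter-box', 'id' => $id, 'action' => $action ),
        admin_url( 'admin.php' )
    );
    return wp_nonce_url( $url, "cbx_{$action}_{$id}" ); // appends _wpnonce=...
}

// Validate input, check the capability, then verify the nonce before any state change.
function cbx_example_handle_toggle() {
    if ( ! isset( $_GET['page'], $_GET['id'], $_GET['action'] ) || 'counter-box' !== $_GET['page'] ) {
        return;
    }
    $action = sanitize_key( wp_unslash( $_GET['action'] ) );
    if ( ! in_array( $action, array( 'activate', 'deactivate' ), true ) ) {
        return;
    }
    $id = absint( $_GET['id'] );

    if ( ! current_user_can( 'manage_options' ) ) { // assumed capability
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    // Stops the request when _wpnonce is missing or invalid, which is the case
    // for the bare URLs shown above.
    check_admin_referer( "cbx_{$action}_{$id}" );

    // Assumed storage; the plugin's real storage is not shown on the page.
    update_option( "cbx_example_counter_{$id}_active", 'activate' === $action ? 1 : 0 );

    wp_safe_redirect( admin_url( 'admin.php?page=counter-box' ) );
    exit;
}
add_action( 'admin_init', 'cbx_example_handle_toggle' );
```

Because the nonce action string includes both the action and the counter id, a token issued for one link does not validate for a different counter or for the opposite action.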
