CVE-2022-2405 – The WP Popup Builder WordPress plugin through 1.2.8 does not have authorisation and CSRF c …

26 September 2022

Vuln ID: CVE-2022-2405

Published: 2022-09-26 13:15:10Z

Description: The WP Popup Builder WordPress plugin through 1.2.8 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup

Source: NVD.NIST.GOV

Date:

26 September 2022

Categorie(s):

NVD

Tag(s):

NVD

Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024
Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024
Ring dinged for $5.6M after, among other claims, rogue insider spied on ‘pretty girls’25 April 2024
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs25 April 2024
Navigating the cyber seas: Clarity, compliance, and unified endpoint management 25 April 2024