CVE-2022-4553
FL3R FeelBox <= 8.1 - Moods Reset via CSRF
The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating reseting moods which could allow attackers to make logged in admins perform such action via a CSRF attack and delete the lydl_posts & lydl_poststimestamp DB tables
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Affected products
Unknown · FL3R FeelBoxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →