CVE-2022-4553
FL3R FeelBox <= 8.1 - Moods Reset via CSRF
The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating reseting moods which could allow attackers to make logged in admins perform such action via a CSRF attack and delete the lydl_posts & lydl_poststimestamp DB tables
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Productos afectados
Unknown · FL3R FeelBox¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →