CVE-2022-4553
FL3R FeelBox <= 8.1 - Moods Reset via CSRF
The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating reseting moods which could allow attackers to make logged in admins perform such action via a CSRF attack and delete the lydl_posts & lydl_poststimestamp DB tables
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
Unknown · FL3R FeelBoxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →