CVE Vulnerabilities

CVE-2022-3688

Published: Nov 21, 2022 | Modified: Apr 29, 2025
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to make logged in users perform such actions via CSRF attacks

Affected Software

Name Vendor Start Version End Version
Wpqa_builder 2code * 5.9 (excluding)

References