CVE Vulnerabilities

CVE-2022-3688

Published: Nov 21, 2022 | Modified: Nov 07, 2023
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to make logged in users perform such actions via CSRF attacks

Affected Software

Name Vendor Start Version End Version
Wpqa_builder 2code * 5.9 (excluding)

References