CVE-2022-1709

The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged in admin delete comments via a CSRF attack
References
Configurations

Configuration 1

cpe:2.3:a:gti:throws_spam_away:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-06-08 10:15

Updated : 2022-06-15 07:33


NVD link : CVE-2022-1709

Mitre link : CVE-2022-1709

Products Affected
No products.
CWE