CVE-2022-3082

The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example
References
Configurations

Configuration 1

cpe:2.3:a:miniorange:discord_integration:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-10-17 12:15

Updated : 2022-10-21 04:38


NVD link : CVE-2022-3082

Mitre link : CVE-2022-3082

Products Affected
No products.