NotCVE - vendor:"Adrotate Banner Manager Project" product:"Adrotate Banner Manager" version:" <= 5.9"

1 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-26366 – WordPress AdRotate Banner Manager Plugin <= 5.9 is vulnerable to Cross Site Request Forgery (CSRF)

https://notcve.org/view.php?id=CVE-2022-26366

Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. Cross-Site Request Forgery (CSRF) en el complemento AdRotate Banner Manager <= 5.9 en WordPress. The AdRotate Banner Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.9. This is due to missing or incorrect nonce validation on the adrotate_options() function. This makes it possible for unauthenticated attackers to invoke these functions, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/adrotate/wordpress-adrotate-banner-manager-plugin-5-9-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •