Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) plugin <= 1.8.4 versions.
References
Configurations
History
02 Jun 2023, 01:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:smashballoon:custom_twitter_feeds:*:*:*:*:*:wordpress:*:* | |
References | (MISC) https://patchstack.com/database/vulnerability/custom-twitter-feeds/wordpress-custom-twitter-feeds-plugin-1-8-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve - Third Party Advisory | |
First Time |
Smashballoon custom Twitter Feeds
Smashballoon |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
29 May 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-29 01:15
Updated : 2024-02-28 20:13
NVD link : CVE-2022-33974
Mitre link : CVE-2022-33974
CVE.ORG link : CVE-2022-33974
JSON object : View
Products Affected
smashballoon
- custom_twitter_feeds
CWE
CWE-352
Cross-Site Request Forgery (CSRF)