CVE-2022-4309

LOW Year: 2022
CVSS v3 Score
3.1
Low
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack.

Related Vulnerabilities

CVE-2016-3426

LOW
CVSS:3.1(Low)

Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.

NVD-CWE-Other2016

CVE-2016-3428

LOW
CVSS:3.1(Low)

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect availability via vectors...

NVD-CWE-Other2016

CVE-2016-3516

LOW
CVSS:3.1(Low)

Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentialit...

NVD-CWE-Other2016

CVE-2016-5473

LOW
CVSS:3.1(Low)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to Fil...

NVD-CWE-Other2016

CVE-2016-5509

LOW
CVSS:3.1(Low)

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 ...

NVD-CWE-Other2016

CVE-2016-5542

LOW
CVSS:3.1(Low)

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.

NVD-CWE-Other2016