Vulnerability Details CVE-2022-29414
Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin <= 211130 on WordPress allows attackers to clean up Log archive, download system info file, plugin system settings, plugin options settings, generate a new key, reset all options, change notifications settings, management page settings, comment form settings, manage subscriptions > mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.8%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 5.8
References
- https://patchstack.com/database/vulnerability/subscribe-to-comments-reloaded/wordpress-subscribe-to-comments-reloaded-plugin-211130-multiple-cross-site-request-forgery-csrf-vulnerabilities
- https://wordpress.org/plugins/subscribe-to-comments-reloaded/
- https://patchstack.com/database/vulnerability/subscribe-to-comments-reloaded/wordpress-subscribe-to-comments-reloaded-plugin-211130-multiple-cross-site-request-forgery-csrf-vulnerabilities
- https://wordpress.org/plugins/subscribe-to-comments-reloaded/
Products affected by CVE-2022-29414
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:-
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.0
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.1
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.2
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.2.1
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.3
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.4
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.5.1
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:1.6
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:140128
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:140129
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:140204
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:140219
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:140220
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:140515
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:141025
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:141103
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:150207
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:150422
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:150428
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:150611
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:160106
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:160116
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:160831
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:160902
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:160915
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:170428
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:170607
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:180212
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:180225
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190117
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190214
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190304
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190305
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190325
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190409
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190411
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190412
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190426
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190510
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190523
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:190529
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:191009
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:191011
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:191028
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:191209
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:191217
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2.0.1
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2.0.2
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2.0.3
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2.0.4
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2.0.5
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:2.0.6
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:200205
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:200422
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:200629
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:200813
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:210104
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:210126
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:210315
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:211019
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:211130
-
cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:3.0.0