cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-3343,https://securityvulnerability.io/vulnerability/CVE-2022-3343,WPQA < 5.9.3 - Missing validation lead to functionality abuse,"The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them.",Wordpress,"WPqa Builder,Discy,Himer",3.5,LOW,0.000539999979082495,false,,false,false,false,,false,false,2023-01-09T22:13:27.335Z,0
CVE-2022-1323,https://securityvulnerability.io/vulnerability/CVE-2022-1323,Discy < 5.0 - Subscriber+ Broken Access Control to change settings,"The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action,  allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST request.",Wordpress,Discy,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-08-08T13:45:37.000Z,0
CVE-2022-1422,https://securityvulnerability.io/vulnerability/CVE-2022-1422,Discy < 5.2 - Restore Default Settings via CSRF,"The Discy WordPress theme before 5.2 does not check for CSRF tokens in the AJAX action discy_reset_options, allowing an attacker to trick an admin into resetting the site settings back to defaults.",Wordpress,Discy,6.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,false,false,2022-06-08T10:15:00.000Z,0
CVE-2022-1421,https://securityvulnerability.io/vulnerability/CVE-2022-1421,Discy < 5.2 - Settings Update via CSRF,"The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker to make a logged in admin change arbitrary 's settings including payment methods via a CSRF attack",Wordpress,Discy,4.3,MEDIUM,0.0006099999882280827,false,,false,false,true,true,false,false,2022-06-08T10:15:00.000Z,0