Corner Ad < 1.0.57 – Ads Deletion via CSRF | CVE 2022-3427

Affects Plugins

corner-ad

Fixed in 1.0.57

References

CVE

CVE-2022-3427

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

CVSS

4.3 (medium)

Miscellaneous

Original Researcher

Marco Wotschka

Verified

No

WPVDB ID

0042b13e-6ecf-4d41-b5e0-8a68debc6d20

Timeline

Publicly Published

2022-09-09 (about 3 years ago)

Added

2022-12-15 (about 3 years ago)

Last Updated

2022-12-15 (about 3 years ago)

Other

Published

Title

Published

2025-01-06

Title

Backup and Restore Wordpress <= 1.50 - Cross-Site Request Forgery to Backup Trigger

Published

2022-10-02

Title

Shortcodes Ultimate < 5.12.1 - Settings Preset Update via CSRF

Published

2024-07-17

Title

Cooked – Recipe Management < 1.8.0 - Cross-Site Request Forgery to Template Apply

Published

2022-09-14

Title

Multiple Plugins from Viszt Peter - Multiple CSRF

Published

2025-02-03

Title

WP Admin Custom Page <= 1.5.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting