CVE-2022-3622

Name of the Vulnerable Software and Affected Versions Blog2Social plugin for WordPress versions up to, and including, 6.9.11

Description The issue is related to authorization bypass due to missing capability checks. This allows authenticated attackers with subscriber-level permissions and above to modify some plugin settings that are intended to be changed by admins only.

Recommendations For Blog2Social plugin for WordPress versions up to, and including, 6.9.11, update to a version higher than 6.9.11 to resolve the issue. As a temporary workaround, consider restricting access to the plugin settings to minimize the risk of exploitation.