PT-2022-26930 · WordPress · Wordpress Popular Posts
Mikemyers
·
Published
2022-12-07
·
Updated
2022-12-09
·
CVE-2022-43468
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
WordPress Popular Posts versions 6.0.5 and earlier
Description
The issue allows external initialization of trusted variables or data stores, enabling the acceptance of untrusted external inputs to update internal variables. This can lead to the manipulation of the number of views for an article through crafted inputs.
Recommendations
For WordPress Popular Posts versions 6.0.5 and earlier, update to a version later than 6.0.5 to resolve the issue.
Fix
Improper Initialization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wordpress Popular Posts