Security Advisory

CVE-2022-3082

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-17 00:00:00

Last updated 2025-05-13 15:58:45

Assigner WPScan

State PUBLISHED

Description

The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example

← Browse all CVEs View on cve.org ↗