Vulnerabilities > CVE-2022-1663 - Unspecified vulnerability in Stop Spam Comments Project Stop Spam Comments 0.2.1.2

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
stop-spam-comments-project

Summary

The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request.