Vulnerabilities > CVE-2022-1709 - Unspecified vulnerability in GTI Throws Spam Away

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

gti

NVD

Published: 2022-06-08

Updated: 2024-11-21

Summary

The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged in admin delete comments via a CSRF attack

Vulnerable Configurations

Part	Description	Count
Application	Gti GTI Throws Spam Away *	1

References

https://wpscan.com/vulnerability/ac290535-d9ec-459a-abc3-27cd78eb54fc
https://wpscan.com/vulnerability/ac290535-d9ec-459a-abc3-27cd78eb54fc