Vulnerabilities > CVE-2022-40223 - Missing Authorization vulnerability in Searchwp

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
searchwp
CWE-862
NVD
Published: 2022-11-08
Updated: 2022-11-09

Summary

Nonce token leakage and missing authorization in SearchWP premium plugin <= 4.2.5 on WordPress leading to plugin settings change.

Vulnerable Configurations

Part Description Count
Application
Searchwp
1

Common Weakness Enumeration (CWE)

References