Vulnerabilities > CVE-2022-4549 - Unspecified vulnerability in Tickera

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
tickera
NVD
Published: 2023-01-16
Updated: 2023-11-07

Summary

The Tickera WordPress plugin before 3.5.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.

Vulnerable Configurations

Part Description Count
Application
Tickera
235

References