External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulated through a crafted input.
References
Link | Resource |
---|---|
https://github.com/cabrerahector/wordpress-popular-posts/ | Third Party Advisory |
https://jvn.jp/en/jp/JVN13927745/index.html | Third Party Advisory |
https://wordpress.org/plugins/wordpress-popular-posts/ | Product |
https://github.com/cabrerahector/wordpress-popular-posts/ | Third Party Advisory |
https://jvn.jp/en/jp/JVN13927745/index.html | Third Party Advisory |
https://wordpress.org/plugins/wordpress-popular-posts/ | Product |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-07 04:15
Updated : 2024-11-21 07:26
NVD link : CVE-2022-43468
Mitre link : CVE-2022-43468
CVE.ORG link : CVE-2022-43468
JSON object : View
Products Affected
wordpress_popular_posts_project
- wordpress_popular_posts
CWE
CWE-665
Improper Initialization