Rewterz Threat Advisory – CVE-2022-3408 – WordPress WP Word Count Plugin Vulnerability

November 14, 2022

Rewterz Threat Advisory – CVE-2022-3418 – WordPress Import any XML or CSV File Vulnerability

November 14, 2022

Rewterz Threat Advisory – CVE-2022-3451 – WordPress Product Stock Manager Vulnerability

November 14, 2022

Severity

Medium

Analysis Summary

CVE-2022-3451

Product Stock Manager plugin for WordPress is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote authenticated attacker could send a malformed HTTP request to update options. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

Impact

Gain Access

Indicators Of Compromise

CVE

CVE-2022-3451

Affected Vendors

WordPress

Affected Products

Product Stock Manager plugin for WordPress 1.0.3
Product Stock Manager plugin for WordPress 1.0.4

Remediation

Upgrade to the latest version of Product Stock Manager plugin for WordPress, available from the WPScan Website.

WPScan Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

ClickFix Scheme Used by Russian Hackers to Deploy Espionage Malware – Active IOCs

Cyber Threat Alert: Immediate Action Required on Existing APT Threat Indicators – Active IOCs

Tinba aka TinyBanker Trojan – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-3408 – WordPress WP Word Count Plugin Vulnerability

Rewterz Threat Advisory – CVE-2022-3418 – WordPress Import any XML or CSV File Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.