CVE-2022-0191

Summary

The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.7 does not have CSRF check deleting banned users, which could allow attackers to make a logged in admin remove arbitrary bans

Affected Software

VendorProductVersion RangeStatus
UnknownAd Invalid Click Protector (AICP)1.2.7 < 1.2.7affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References