[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUOl4ndzBzo9OBVXLmOBhwdAvd-Jf8gA4iBee0YRJN7g":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-1709","throws-spam-away-cross-site-request-forgery-to-comment-modification","Throws SPAM Away \u003C= 3.3 - Cross-Site Request Forgery to Comment Modification","The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged in admin delete comments via a CSRF attack","throws-spam-away",null,"\u003C3.3.1","3.3.1","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2022-05-16 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F3ce0fece-a7e5-4d27-a70a-37ab0973c15f?source=api-prod",617]