CVE-2022-1694

CVE-2022-1694: Useful Banner Manager <= 1.6.1 - Modify banners via CSRF

Vendor Unknown

Product Useful Banner Manager

Weakness CWE-352 · CSRF

Published June 13, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an attacker to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form.

Key dates

02Disclosure timeline

June 13, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-1694 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2025-53197 WordPress Cookiebot plugin <= 4.5.8 - Cross Site Request Forgery (CSRF) Vulnerability CVE-2019-10199 CVE-2025-10499 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings Update CVE-2021-4421 Advanced Popups <= 1.1.1 - Cross-Site Request Forgery Bypass CVE-2023-25697 WordPress GamiPress plugin <= 2.5.6 - CSRF Leading to Settings Change Vulnerability