Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-0279. PoCs published by tomorroisnew.
Description
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users
Exploits (1)
github
NO CODE
2 stars
by tomorroisnew · poc
https://github.com/tomorroisnew/CVE/tree/main/CVE-2022-0279
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/43a4b2d3-1bd5-490c-982c-bb7120595865
Scores
CVSS v3
3.1
EPSS
0.0049
EPSS Percentile
38.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-362
Status
published
Products (1)
bologer/anycomment
< 0.2.18
Published
Feb 21, 2022
Tracked Since
Feb 18, 2026