CVE-2022-26254
First published: Sun Mar 27 2022(Updated: )
WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wowonder Wowonder | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this WoWonder PHP Social Network Platform issue?
The vulnerability ID for this issue is CVE-2022-26254.
What is the severity level of CVE-2022-26254?
The severity level of CVE-2022-26254 is medium.
What is the description of CVE-2022-26254?
CVE-2022-26254 is an access control issue in WoWonder PHP Social Network Platform v4.0.0 that allows unauthenticated attackers to arbitrarily change group ID names.
How can an attacker exploit CVE-2022-26254?
Attackers can exploit CVE-2022-26254 by taking advantage of the access control issue to change group ID names without authentication.
Is there a fix available for CVE-2022-26254?
Currently, there is no information available about a specific fix for CVE-2022-26254. It is recommended to follow the vendor's official announcements and apply any necessary security updates or patches.
- collector/nvd-index
- vendor/wowonder
- canonical/wowonder wowonder
- version/wowonder wowonder/4.0