cleantalk
Vulnerabilities and Security Researches

miniOrange Discord Integration, CVE-2022-3082

CVE, Research URL

CVE-2022-3082

Home page URL

Security reports for miniOrange Discord Integration

Application

miniOrange Discord Integration

Published on
Oct 17, 2022
Research Description
The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example
Affected versions
Min -, max 2.1.6.
Status
vulnerable
Previous vulnerability researches
miniOrange Discord Integration (CVE-2025-47672) , May 25, 2025
miniOrange Discord Integration (CVE-2022-3082) , Jun 07, 2024
New vulnerability
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-4223) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2024-13427) , May 25, 2025
miniOrange Discord Integration (CVE-2025-47672) , May 25, 2025
4stats (CVE-2025-3869) , May 24, 2025
Verge3D Publishing and E-Commerce (CVE-2025-48241) , May 24, 2025