Vulnerability CVE-2022-36796


Published: 2022-09-01

Description:
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail, Inc. CallRail Phone Call Tracking plugin <= 0.4.9 at WordPress.

Type:

CWE-352

(Cross-Site Request Forgery (CSRF))

 References:
https://wordpress.org/plugins/callrail-phone-call-tracking/
https://patchstack.com/database/vulnerability/callrail-phone-call-tracking/wordpress-callrail-phone-call-tracking-plugin-0-4-9-cross-site-request-forgery-csrf-vulnerability-leading-to-stored-cross-site-scripting-xss

Copyright 2026, cxsecurity.com

 

Back to Top