Lucene search
China National Vulnerability DatabaseCNVD-2021-102803HistoryDec 01, 2021 - 12:00 a.m.
WordPress Plugin Cross-Site Request Forgery Vulnerability (CNVD-2021-102803)
2021-12-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
41.9%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress plugin Static 1.0.6 and its previous versions exist cross-site request forgery vulnerability, the vulnerability originates from ~/Stetic .php file missing stats_ page function, an attacker can use this vulnerability to potentially inject arbitrary web scripts in versions 1.0.6 and below.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress stetic | le | 1.0.6 |
Related
cve
cve
CVE-2021-42364
2021-11-29 19:15:07
wpvulndb
wpvulndb
Stetic < 1.0.9 - CSRF to Stored Cross-Site Scripting
2021-11-29 00:00:00
nvd
nvd
CVE-2021-42364
2021-11-29 19:15:07
prion
prion
Cross site request forgery (csrf)
2021-11-29 19:15:00
patchstack
patchstack
cvelist
cvelist