Lucene search
China National Vulnerability DatabaseCNVD-2021-103368HistoryNov 04, 2021 - 12:00 a.m.
WordPress WP-Pro-Quiz plugin cross-site request forgery vulnerability
2021-11-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
31.1%
WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress WP-Pro-Quiz plugin in version 0.37 and earlier is vulnerable to cross-site request forgery, which stems from a WEB application that does not adequately verify that requests are coming from trusted users. An attacker could delete arbitrary content on the blog via a logged-in administrator.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp-pro-quiz plugin | le | 0.37 |
Related
cve
cve
CVE-2020-36504
2021-11-01 09:15:08
cvelist
cvelist
CVE-2020-36504 WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF
2021-11-01 08:45:55
nvd
nvd
CVE-2020-36504
2021-11-01 09:15:08
prion
prion
Cross site request forgery (csrf)
2021-11-01 09:15:00