WordPress plugin cross-site request forgery vulnerability (CNVD-2022-13922)

2022-02-2300:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

21.0%

JSON

WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress plugin spffy Calendar 4.9.0 and its previous versions have a cross-site request forgery vulnerability, which stems from the lack of event deletion requests against cross-site request forged token validation. No details of the vulnerability are currently available.

CPENameOperatorVersion
wordpress spffy calendarle4.9.0

CPE	Name	Operator	Version
	wordpress spffy calendar	le	4.9.0

0.001 Low

EPSS

Percentile

21.0%

JSON

Related for CNVD-2022-13922