Lucene search
China National Vulnerability DatabaseCNVD-2022-18849HistoryMar 02, 2022 - 12:00 a.m.
WordPress Post Snippets plugin cross-site request forgery vulnerability
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
wordpress
post snippets
plugin
cross-site request forgery
vulnerability
php
mysql
version 3.1.4
csrf checks
code snippets
administrator
EPSS
0.001
Percentile
43.4%
WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions of the WordPress Post Snippets plugin prior to 3.1.4, which stems from the plugin’s lack of CSRF checks when importing files. An attacker could exploit this vulnerability to import arbitrary code snippets via the login administrator.
Related
patchstack
patchstack
nvd
nvd
CVE-2021-25010
2022-02-28 09:15:08
prion
prion
Cross site scripting
2022-02-28 09:15:00
cvelist
cvelist
CVE-2021-25010 Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting
2022-02-28 09:06:28
cve
cve
CVE-2021-25010
2022-02-28 09:15:08
wpvulndb
wpvulndb
Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting
2022-01-31 00:00:00
wpexploit
wpexploit
Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting
2022-01-31 00:00:00