Lucene search
China National Vulnerability DatabaseCNVD-2022-54354HistoryJun 30, 2022 - 12:00 a.m.
WordPress Cimy Header Image Rotator plugin跨站请求伪造漏洞
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.001 Low
EPSS
Percentile
26.1%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Cimy Header Image Rotator plugin 6.1.1 and earlier versions are vulnerable to cross-site request forgery, which stems from the failure to perform CSRF checks when updating its settings. An attacker could use this vulnerability to get the logged-in administrator to change the configuration via a CSRF attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress cimy header image rotator plugin | lt | 6.1.1 |
Related
cvelist
cvelist
nvd
nvd
CVE-2022-1885
2022-06-27 09:15:10
wpexploit
wpexploit
Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF
2022-06-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-06-27 09:15:00
wpvulndb
wpvulndb
Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF
2022-06-01 00:00:00
cve
cve
CVE-2022-1885
2022-06-27 09:15:10