Lucene search
China National Vulnerability DatabaseCNVD-2022-54971HistoryJun 15, 2022 - 12:00 a.m.
WordPress WP-chgFontSize plugin cross-site request forgery vulnerability
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
wordpress
wp-chgfontsize plugin
csrf
vulnerability
administrator configuration
php
cross-site request forgery
EPSS
0.001
Percentile
21.2%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP-chgFontSize plugin version 1.8 and earlier versions are vulnerable to cross-site request forgery, which stems from a failure to perform cross-site request forgery checks when updating its settings. An attacker could use this vulnerability to change the login administrator configuration via a CSRF attack.
Related
prion
prion
Cross site scripting
2022-06-13 13:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-1764
2022-06-13 13:15:12
patchstack
patchstack
wpvulndb
wpvulndb
WP-chgFontSize <= 1.8 - Arbitrary Settings Update via CSRF to Stored XSS
2022-05-23 00:00:00
wpexploit
wpexploit
WP-chgFontSize <= 1.8 - Arbitrary Settings Update via CSRF to Stored XSS
2022-05-23 00:00:00
cve
cve
CVE-2022-1764
2022-06-13 13:15:12