Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-55689
HistoryJun 15, 2022 - 12:00 a.m.

WordPress plugin Copify cross-site request forgery vulnerability

2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
13

0.001 Low

EPSS

Percentile

39.6%

JSON

WordPress is a set of blogging platform developed using the PHP language. A cross-site request forgery vulnerability exists in the WordPress plugin Copify 1.3.0 and prior versions, which stems from a lack of random number validation on the CopifySettings page. An attacker could exploit this vulnerability to update plugin settings and inject malicious Web scripts via spoofed requests, tricking site administrators into performing actions such as clicking on links.

CPENameOperatorVersion
wordpress copify pluginlt1.3.0

Related

patchstack 1
wpvulndb 1
prion 1
cve 1
cvelist 1
nvd 1
patchstack
patchstack
WordPress Copify plugin <= 1.3.0 - Cross-Site Request Forgery (CSRF) vulnerability to Cross-Site Scripting (XSS)
2022-06-08 00:00:00
wpvulndb
wpvulndb
Copify <= 1.3.0 - Stored Cross-Site Scripting via CSRF
2022-06-08 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-06-13 13:15:00
cve
cve
CVE-2022-1900
2022-06-13 13:15:13
cvelist
cvelist
CVE-2022-1900
2022-06-13 12:47:42
nvd
nvd
CVE-2022-1900
2022-06-13 13:15:13

0.001 Low

EPSS

Percentile

39.6%

JSON
Related for CNVD-2022-55689
patchstack1wpvulndb1prion1cve1cvelist1nvd1