CNVD (China National Vulnerability Database): CNVD-2022-56231
Jul 13, 2022 - 12:00 a.m.

WordPress Admin Management Xtended plugin cross-site request forgery vulnerability

2022-07-13 00:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
wordpress
xtended
csrf
vulnerability
ajax
eclipse foundation

EPSS

0.001

Percentile

26.3%

WordPress and others are products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. Xtend and others are products of the Eclipse Foundation. Xtend is a general-purpose high-level programming language for the Java Virtual Machine. A WordPress plugin is an application plugin. Versions of the WordPress Admin Management Xtended plugin before 2.4.5 have a cross-site request forgery (CSRF) vulnerability. The vulnerability arises because the plugin does not perform CSRF checks in some AJAX actions. An attacker can exploit it to change the post status (draft, published), slug, post date, comment status (enabled, disabled), etc.
