Lucene search
China National Vulnerability DatabaseCNVD-2022-56235HistoryJul 13, 2022 - 12:00 a.m.
WordPress Comment License plugin跨站请求伪造漏洞
2022-07-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
plugin
cross-site request forgery
php
version 1.4.0
security vulnerability
EPSS
0.001
Percentile
25.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress Comment License plugin prior to 1.4.0 are vulnerable to cross-site request forgery, which stems from a failure to perform CSRF checks when updating its settings. An attacker could use this vulnerability to make changes to the logged-in administrator through a CSRF attack.
Related
cvelist
cvelist
CVE-2022-1957 Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
2022-07-11 12:57:04
nvd
nvd
CVE-2022-1957
2022-07-11 13:15:09
wpvulndb
wpvulndb
Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
2022-06-16 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-07-11 13:15:00
wpexploit
wpexploit
Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
2022-06-16 00:00:00
cve
cve
CVE-2022-1957
2022-07-11 13:15:09