Lucene search
China National Vulnerability DatabaseCNVD-2022-56244HistoryJul 13, 2022 - 12:00 a.m.
WordPress Rename wp-login.php plugin跨站请求伪造漏洞
2022-07-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
0.001 Low
EPSS
Percentile
26.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Rename wp-login.php plugin version 2.6.0 and earlier is vulnerable to cross-site request forgery, which is caused by a CSRF check that is not performed when updating login passwords. An attacker could use this vulnerability to cause the administrator to change the update settings via a CSRF attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress rename wp-login.php plugin | lt | 2.6.0 |
Related
cve
cve
CVE-2022-1732
2022-07-11 13:15:08
prion
prion
Cross site request forgery (csrf)
2022-07-11 13:15:00
wpexploit
wpexploit
Rename wp-login.php <= 2.6.0 - Secret URL Update via CSRF
2022-06-16 00:00:00
wpvulndb
wpvulndb
Rename wp-login.php <= 2.6.0 - Secret URL Update via CSRF
2022-06-16 00:00:00
cvelist
cvelist
CVE-2022-1732 Rename wp-login.php <= 2.6.0 - Secret URL Update via CSRF
2022-07-11 12:56:10
nvd
nvd
CVE-2022-1732
2022-07-11 13:15:08