Lucene search
China National Vulnerability DatabaseCNVD-2022-57622HistoryJun 30, 2022 - 12:00 a.m.
WordPress Site Offline or Coming Soon plugin跨站请求伪造漏洞
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
19
wordpress
php
csrf
cross-site request forgery
plugin vulnerability
administrator
attack vector
security flaw
EPSS
0.001
Percentile
40.2%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Site Offline or Coming Soon plugin version 1.6.6 and earlier are vulnerable to cross-site request forgery due to a failure to perform CSRF checks are not performed when updating its settings, and there is a lack of cleanup and escaping. An attacker could use this vulnerability to cause the logged-in administrator to make changes and place a cross-site script payload via a CSRF attack.
Related
cve
cve
CVE-2022-1593
2022-06-27 09:15:09
prion
prion
Cross site scripting
2022-06-27 09:15:00
patchstack
patchstack
wpvulndb
wpvulndb
Site Offline or Coming Soon <= 1.6.6 - Stored Cross-Site Scripting via CSRF
2022-06-06 00:00:00
cvelist
cvelist
wpexploit
wpexploit
Site Offline or Coming Soon <= 1.6.6 - Stored Cross-Site Scripting via CSRF
2022-06-06 00:00:00
nvd
nvd
CVE-2022-1593
2022-06-27 09:15:09