Lucene search
China National Vulnerability DatabaseCNVD-2022-57624HistoryJun 30, 2022 - 12:00 a.m.
WordPress Tiny Contact Form plugin跨站请求伪造漏洞
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
wordpress
tiny contact form
plugin
cross-site request forgery
csrf
vulnerability
attack
EPSS
0.001
Percentile
25.9%
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. WordPress Tiny Contact Form plugin version 0.7 and earlier is vulnerable to cross-site request forgery, which stems from the plugin’s failure to perform CSRF checks when updating its settings. An attacker could use this vulnerability to make changes to the logged-in administrator via a CSRF attack.
Related
cvelist
cvelist
CVE-2022-1846 Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRF
2022-06-27 08:58:03
wpvulndb
wpvulndb
Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRF
2022-05-31 00:00:00
wpexploit
wpexploit
Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRF
2022-05-31 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-06-27 09:15:00
nvd
nvd
CVE-2022-1846
2022-06-27 09:15:09
cve
cve
CVE-2022-1846
2022-06-27 09:15:09