Lucene search
China National Vulnerability DatabaseCNVD-2022-58955HistoryJun 22, 2022 - 12:00 a.m.
WordPress WP-EMail plugin cross-site request forgery vulnerability
2022-06-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
26.3%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP-EMail plugin versions prior to 2.69.0 are vulnerable to cross-site request forgery, which stems from a failure to protect its log deletion feature using random number checking. An attacker could exploit this vulnerability to cause logged-in administrators to delete logs.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp-email plugin | lt | 2.69.0 |
Related
nvd
nvd
CVE-2022-1630
2022-06-20 11:15:09
wpexploit
wpexploit
WP-Email < 2.69.0 - Log Deletion via CSRF
2022-05-30 00:00:00
wpvulndb
wpvulndb
WP-Email < 2.69.0 - Log Deletion via CSRF
2022-05-30 00:00:00
cve
cve
CVE-2022-1630
2022-06-20 11:15:09
prion
prion
Cross site request forgery (csrf)
2022-06-20 11:15:00
cvelist
cvelist
CVE-2022-1630 WP-Email < 2.69.0 - Log Deletion via CSRF
2022-06-20 10:25:56