Lucene search
China National Vulnerability DatabaseCNVD-2022-62208HistoryJun 13, 2022 - 12:00 a.m.
WordPress Files Download Delay plugin跨站请求伪造漏洞
2022-06-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
0.001 Low
EPSS
Percentile
21.2%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Files Download Delay plugin versions prior to 1.0.7 are vulnerable to cross-site request forgery, which stems from the plugin’s failure to authorize and CSRF checks when resetting its settings. An attacker could exploit this vulnerability to allow any authenticated user (such as a subscriber) to perform a cross-site request forgery attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress files download delay plugin | lt | 1.0.7 |
Related
patchstack
patchstack
nvd
nvd
CVE-2022-1570
2022-06-08 10:15:09
wpexploit
wpexploit
Files Download Delay < 1.0.7 - Subscriber+ Settings Reset
2022-05-13 00:00:00
cve
cve
CVE-2022-1570
2022-06-08 10:15:09
cvelist
cvelist
CVE-2022-1570 Files Download Delay < 1.0.7 - Subscriber+ Settings Reset
2022-06-06 08:51:07
prion
prion
Cross site request forgery (csrf)
2022-06-08 10:15:00
wpvulndb
wpvulndb
Files Download Delay < 1.0.7 - Subscriber+ Settings Reset
2022-05-13 00:00:00