Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-86456
HistoryNov 23, 2022 - 12:00 a.m.

WordPress My wpdb plugin cross-site request forgery vulnerability

2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
wordpress
wpdb plugin
cross-site request forgery
sql queries
administrator
vulnerability

EPSS

0.002

Percentile

61.3%

JSON

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress My wpdb plugin versions prior to 2.5 are vulnerable to cross-site request forgery, which stems from a lack of CSRF checks when running SQL queries, and can be exploited to allow a logged-in administrator to execute arbitrary SQL queries.

Related

cve 1
prion 1
patchstack 1
wpexploit 1
wpvulndb 1
cvelist 1
nvd 1
cve
cve
CVE-2022-1578
2022-11-21 11:15:19
prion
prion
Cross site request forgery (csrf)
2022-11-21 11:15:00
patchstack
patchstack
WordPress My wpdb plugin <= 2.4 - Arbitrary SQL Query via Cross-Site Request Forgery (CSRF) vulnerability
2022-10-29 00:00:00
wpexploit
wpexploit
My wpdb < 2.5 - Arbitrary SQL Query via CSRF
2022-10-28 00:00:00
wpvulndb
wpvulndb
My wpdb < 2.5 - Arbitrary SQL Query via CSRF
2022-10-28 00:00:00
cvelist
cvelist
CVE-2022-1578 My wpdb < 2.5 - Arbitrary SQL Query via CSRF
2022-11-21 00:00:00
nvd
nvd
CVE-2022-1578
2022-11-21 11:15:19

EPSS

0.002

Percentile

61.3%

JSON
Related for CNVD-2022-86456
cve1prion1patchstack1wpexploit1wpvulndb1cvelist1nvd1