Lucene search
China National Vulnerability DatabaseCNVD-2022-87356HistoryOct 12, 2022 - 12:00 a.m.
WordPress Simple File List cross-site request forgery vulnerability
2022-10-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
wordpress
php
cross-site request forgery
nonce checking
administrator
security vulnerability
0.001 Low
EPSS
Percentile
26.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Simple File List versions prior to 4.4.12 are vulnerable to cross-site request forgery, which stems from its failure to implement nonce checking and could be exploited to allow a logged-in administrator to create new pages and change their content.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress simple file list | lt | 4.4.12 |
Related
prion
prion
Cross site request forgery (csrf)
2022-10-10 21:15:00
cve
cve
CVE-2022-3208
2022-10-10 21:15:11
nvd
nvd
CVE-2022-3208
2022-10-10 21:15:11
patchstack
patchstack
wpvulndb
wpvulndb
Simple File List < 4.4.13 - Page Creation via CSRF
2022-09-19 00:00:00
wpexploit
wpexploit
Simple File List < 4.4.13 - Page Creation via CSRF
2022-09-19 00:00:00
cvelist
cvelist
CVE-2022-3208 Simple File List < 4.4.13 - Page Creation via CSRF
2022-10-10 00:00:00