Lucene search
China National Vulnerability DatabaseCNVD-2022-88242HistorySep 28, 2022 - 12:00 a.m.
WordPress Bitcoin / Altcoin Faucet Cross-Site Request Forgery Vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
altcoin faucet
cross-site request forgery
php
vulnerability
attack
cleanup
escaping
security
0.001 Low
EPSS
Percentile
21.2%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WoWordPress Bitcoin / Altcoin Faucet 1.6.0 and earlier versions are vulnerable to cross-site request forgery, which stems from not doing any CSRF checks when saving its settings, and can be exploited by attackers to launch cross-site request forgery attacks, due to lack of cleanup and escaping could also lead to the storage of cross-site scripts.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress bitcoin / altcoin faucet | le | 1.6.0 |
Related
nvd
nvd
CVE-2022-3025
2022-09-26 13:15:10
wpvulndb
wpvulndb
Bitcoin / Altcoin Faucet <= 1.6.0 - Settings Update to Stored XSS via CSRF
2022-08-31 00:00:00
prion
prion
Cross site scripting
2022-09-26 13:15:00
cve
cve
CVE-2022-3025
2022-09-26 13:15:10
cvelist
cvelist
wpexploit
wpexploit
Bitcoin / Altcoin Faucet <= 1.6.0 - Settings Update to Stored XSS via CSRF
2022-08-31 00:00:00
