Lucene search
HistorySep 23, 2022 - 7:15 p.m.
CVE-2022-38704
cve-2022-38704
csrf
vulnerability
seo redirection plugin
wordpress
deletion
404 errors
redirection history
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.9%
Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
Affected configurations
Node
wp-buyseo_redirection-301_redirect_managerRange≤8.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wp\-buy | seo_redirection\-301_redirect_manager | * | cpe:2.3:a:wp\-buy:seo_redirection\-301_redirect_manager:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "SEO Redirection Plugin – 301 Redirect Manager (WordPress plugin)",
"vendor": "WP-buy",
"versions": [
{
"lessThanOrEqual": "8.9",
"status": "affected",
"version": "<= 8.9",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
patchstack
patchstack
wpvulndb
wpvulndb
SEO Redirection < 9.1 - 404 Error & History Deletion via CSRF
2022-09-23 00:00:00
cnvd
cnvd
WordPress SEO Redirection plugin cross-site request forgery vulnerability
2022-09-28 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-09-23 19:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-38704
2022-09-23 19:15:14
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.9%
Related for CVE-2022-38704