Lucene search
PatchstackCVE-2022-40219HistorySep 21, 2022 - 7:15 p.m.
CVE-2022-40219
2022-09-2119:15:13
CWE-352
Patchstack
web.nvd.nist.gov
29
6
cve-2022-40219
cross-site request forgery
csrf
sedlex favicon switcher
wordpress
vulnerability
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
4.7
Confidence
High
EPSS
0.001
Percentile
20.9%
Cross-Site Request Forgery (CSRF) vulnerability in SedLex FavIcon Switcher plugin <= 1.2.11 at WordPress allows plugin settings change.
Affected configurations
Node
sedlexfavicon-switcherRange≤1.2.11wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sedlex | favicon-switcher | * | cpe:2.3:a:sedlex:favicon-switcher:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "FavIcon Switcher (WordPress plugin)",
"vendor": "SedLex",
"versions": [
{
"lessThanOrEqual": "1.2.11",
"status": "affected",
"version": "<= 1.2.11",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
patchstack
patchstack
nvd
nvd
CVE-2022-40219
2022-09-21 19:15:13
wpvulndb
wpvulndb
FavIcon Switcher <= 1.2.11 - Arbitrary Settings Change via CSRF
2022-09-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-09-21 19:15:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
4.7
Confidence
High
EPSS
0.001
Percentile
20.9%
Related for CVE-2022-40219