Lucene search

CVE-2022-4220

🗓️ 02 Dec 2022 21:12:15Reported by WordfenceType

The Chained Quiz plugin for WordPress has Cross-Site Request Forgery vulnerability in versions up to 1.3.2.4

Reporter	Title	Published	Views	Family All 5
WPVulnDB	Chained Quiz < 1.3.2.5 - Arbitrary Question Deletion via CSRF	2 Dec 202200:00	–	wpvulndb
Cvelist	CVE-2022-4220	2 Dec 202220:11	–	cvelist
Vulnrichment	CVE-2022-4220	2 Dec 202220:11	–	vulnrichment
Prion	Cross site request forgery (csrf)	2 Dec 202221:15	–	prion
NVD	CVE-2022-4220	2 Dec 202221:15	–	nvd

Nvd

Vulners

Node

kibokolabs chained_quizRange≤1.3.2.4wordpress

[
  {
    "vendor": "prasunsen",
    "product": "Chained Quiz",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.3.2.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset
wordfence	www.wordfence.com/vulnerability-advisories-continued/
plugins	www.plugins.trac.wordpress.org/browser/chained-quiz/trunk/controllers/questions.php
gist	www.gist.github.com/Xib3rR4dAr/417a11bcb9b8da28cfe5ba1c17c44d0e

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Dec 2022 21:15Current

4.2Medium risk

Vulners AI Score4.2

CVSS34.3 - 5.4

EPSS0.00178

SSVC