Lucene search
WPScanCVELIST:CVE-2022-1603HistoryJun 20, 2022 - 10:25 a.m.
CVE-2022-1603 Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF
2022-06-2010:25:51
CWE-352
WPScan
www.cve.org
The Mail Subscribe List WordPress plugin before 2.1.4 does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and delete arbitrary users from the subscribed list
CNA Affected
[
{
"product": "Mail Subscribe List",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.1.4",
"status": "affected",
"version": "2.1.4",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2022-06-20 11:15:00
wpvulndb
wpvulndb
Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF
2022-05-26 00:00:00
cve
cve
CVE-2022-1603
2022-06-20 11:15:09
wpexploit
wpexploit
Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF
2022-05-26 00:00:00
nvd
nvd
CVE-2022-1603
2022-06-20 11:15:09
patchstack
patchstack
cnvd
cnvd
WordPress Mail Subscribe List plugin跨站请求伪造漏洞
2022-06-22 00:00:00