Lucene search
WPScanCVELIST:CVE-2022-1630HistoryJun 20, 2022 - 10:25 a.m.
CVE-2022-1630 WP-Email < 2.69.0 - Log Deletion via CSRF
2022-06-2010:25:56
CWE-352
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
26.3%
The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack
CNA Affected
[
{
"product": "WP-EMail",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.69.0",
"status": "affected",
"version": "2.69.0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-1630
2022-06-20 11:15:09
wpexploit
wpexploit
WP-Email < 2.69.0 - Log Deletion via CSRF
2022-05-30 00:00:00
wpvulndb
wpvulndb
WP-Email < 2.69.0 - Log Deletion via CSRF
2022-05-30 00:00:00
cve
cve
CVE-2022-1630
2022-06-20 11:15:09
prion
prion
Cross site request forgery (csrf)
2022-06-20 11:15:00
cnvd
cnvd
WordPress WP-EMail plugin cross-site request forgery vulnerability
2022-06-22 00:00:00