CVE-2022-1845 WP Post Styling < 1.3.1 - Multiple CSRF

2022-06-2708:57:57

CWE-352

WPScan

www.cve.org

wp post styling

csrf

vulnerability

wordpress

plugin

AI Score

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin’s data, update the settings, add new entries and more via CSRF attacks

CNA Affected

[
  {
    "product": "WP Post Styling",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.3.1",
        "status": "affected",
        "version": "1.3.1",
        "versionType": "custom"
      }
    ]
  }
]

References

wpscan.com/vulnerability/6ee3e9e2-ff57-41c4-8cc5-b258801a8a02