Lucene search
WPScanCVELIST:CVE-2022-1957HistoryJul 11, 2022 - 12:57 p.m.
CVE-2022-1957 Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
2022-07-1112:57:04
CWE-352
WPScan
www.cve.org
1
wordpress
plugin
csrf
settings update
admin
security vulnerability
The Comment License WordPress plugin before 1.4.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CNA Affected
[
{
"product": "Comment License",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.4.0",
"status": "affected",
"version": "1.4.0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-1957
2022-07-11 13:15:09
wpvulndb
wpvulndb
Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
2022-06-16 00:00:00
cve
cve
CVE-2022-1957
2022-07-11 13:15:09
prion
prion
Cross site request forgery (csrf)
2022-07-11 13:15:00
cnvd
cnvd
WordPress Comment License plugin跨站请求伪造漏洞
2022-07-13 00:00:00
wpexploit
wpexploit
Comment License < 1.4.0 - Arbitrary Settings Update via CSRF
2022-06-16 00:00:00