Lucene search
PatchstackCVELIST:CVE-2022-42880HistoryJun 13, 2023 - 1:50 p.m.
CVE-2022-42880 WordPress Auto Upload Images Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)
2023-06-1313:50:38
CWE-352
Patchstack
www.cve.org
2
wordpress
auto upload images
csrf
stored xss
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
16.6%
Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <=Β 3.3 versionsΒ allows Stored Cross-Site Scripting (XSS).
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "auto-upload-images",
"product": "Auto Upload Images",
"vendor": "Ali Irani",
"versions": [
{
"changes": [
{
"at": "3.3.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-42880
2023-06-13 15:15:11
prion
prion
Cross site request forgery (csrf)
2023-06-13 15:15:00
osv
osv
CVE-2022-42880
2023-06-13 15:15:11
patchstack
patchstack
nvd
nvd
CVE-2022-42880
2023-06-13 15:15:11
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
16.6%
Related for CVELIST:CVE-2022-42880