EUVD-2022-26420

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Cross-site request forgery in Mail Magazine Management Plugin allows remote attacks and data deletion.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-21179	24 Feb 202215:15	–	attackerkb
Circl	CVE-2022-21179	24 Feb 202218:20	–	circl
CNNVD	Ec-cube 跨站请求伪造漏洞	22 Feb 202200:00	–	cnnvd
CVE	CVE-2022-21179	24 Feb 202209:50	–	cve
Cvelist	CVE-2022-21179	24 Feb 202209:50	–	cvelist
Japan Vulnerability Notes	JVN#67108459: EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery	22 Feb 202200:00	–	jvn
Japan Vulnerability Notes	EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery	22 Feb 202205:09	–	jvn
NVD	CVE-2022-21179	24 Feb 202215:15	–	nvd
Prion	Cross site request forgery (csrf)	24 Feb 202215:15	–	prion
RedhatCVE	CVE-2022-21179	22 May 202521:51	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "0f597c61-a665-3c5a-9ca1-8393a9bb972d",
        "vendor": {
          "name": "EC-CUBE CO.,LTD."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2bf29434-1433-347e-9fd0-5a931402d01d",
        "product": {
          "name": "EC-CUBE plugin 'Mail Magazine Management Plugin'"
        },
        "product_version": "ver4.0.0 to 4.1.1 (for EC-CUBE 4 series) and ver1.0.0 to 1.0.4 (for EC-CUBE 3 series)"
      }
    ]
  }
]

Source	Link
ec-cube	www.ec-cube.net/info/weakness/20220221/mail_magazine_plugin.php
jvn	www.jvn.jp/en/jp/JVN67108459/index.html

03 Oct 2025 20:07Current

4.7Medium risk

Vulners AI Score4.7

CVSS 3.14.3

CVSS 24.3

EPSS0.00104