EUVD-2022-47669

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Multiple Cross-Site Request Forgery vulnerabilities in AIOS plugin for WordPress version 5.1.0 and below

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2022-44737	22 Nov 202218:13	–	circl
CNNVD	WordPress plugin All-In-One Security (AIOS) – Security and Firewall 跨站请求伪造漏洞	22 Nov 202200:00	–	cnnvd
CNVD	WordPress All-In-One Security (AIOS) - Security and Firewall plugin cross-site request forgery vulnerability	24 Nov 202200:00	–	cnvd
CVE	CVE-2022-44737	22 Nov 202216:00	–	cve
Cvelist	CVE-2022-44737 WordPress All In One WP Security plugin <= 5.1.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities	22 Nov 202216:00	–	cvelist
NVD	CVE-2022-44737	22 Nov 202216:15	–	nvd
OpenVAS	WordPress All In One WP Security & Firewall Plugin < 5.1.1 CSRF Vulnerability	23 Nov 202200:00	–	openvas
OSV	CVE-2022-44737	22 Nov 202216:15	–	osv
Patchstack	WordPress All In One WP Security plugin <= 5.1.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities	22 Nov 202200:00	–	patchstack
Prion	Cross site request forgery (csrf)	22 Nov 202216:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "ba70b1dc-9ada-3ee2-af5c-9a2984395976",
        "vendor": {
          "name": "All In One WP Security & Firewall Team"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "291846c8-aac0-3a94-9991-c1a61729f606",
        "product": {
          "name": "All-In-One Security (AIOS) – Security and Firewall (WordPress plugin)"
        },
        "product_version": "n/a ≤5.1.0"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/all-in-one-wp-security-and-firewall/wordpress-all-in-one-wp-security-plugin-5-1-0-multiple-cross-site-request-forgery-csrf-vulnerabilities

03 Oct 2025 20:07Current

8.7High risk

Vulners AI Score8.7

CVSS 3.15.4 - 8.8

EPSS0.00109