CVE-2023-0722

🗓️ 08 Feb 2023 02:08:15Reported by [email protected]Type

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to 2.18.16 due to missing nonce validation

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2023-0722	8 Feb 202301:12	–	cvelist
Patchstack	WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Cross Site Request Forgery (CSRF)	8 Feb 202300:00	–	patchstack
Vulnrichment	CVE-2023-0722	8 Feb 202301:12	–	vulnrichment
Prion	Cross site request forgery (csrf)	8 Feb 202302:15	–	prion
CVE	CVE-2023-0722	8 Feb 202302:15	–	cve
WPVulnDB	Wicked Folders < 2.18.17 - Folder Structure Update via CSRF	7 Feb 202300:00	–	wpvulndb
Wordfence Blog	Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)	16 Feb 202315:21	–	wordfence

Nvd

Node

wickedplugins wicked_foldersRange≤2.18.16wordpress

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset
plugins	www.plugins.trac.wordpress.org/browser/wicked-folders/tags/2.18.16/lib/class-wicked-folders-ajax.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/261a1bf0-a147-48c8-878e-f9b725ac74d8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Feb 2023 02:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS34.3

EPSS0.00091