Lucene search
Julien Ahrens (RCE Security)PATCHSTACK:056B544A91892E1CA9601B91B7B108DFHistoryNov 16, 2022 - 12:00 a.m.
WordPress BeCustom premium plugin <= 1.0.5.2 - Cross-Site Request Forgery (CSRF) vulnerability
2022-11-1600:00:00
Julien Ahrens (RCE Security)
patchstack.com
7
wordpress
becustom plugin
cross-site request forgery
vulnerability
julien ahrens
rce security
update
0.001 Low
EPSS
Percentile
41.5%
Cross-Site Request Forgery (CSRF) vulnerability leading to plugin settings change discovered by Julien Ahrens (RCE Security) in the WordPress BeCustom premium plugin (versions <= 1.0.5.2).
Solution
Update the WordPress BeCustom plugin to the latest available version (at least 1.0.5.3).
References
Related
wpvulndb
wpvulndb
Becustom < 1.0.5.3 - Settings Update via CSRF
2022-11-14 00:00:00
cve
cve
CVE-2022-3747
2022-11-29 21:15:11
cvelist
cvelist
CVE-2022-3747
2022-11-29 20:41:02
zdt
zdt
WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery Vulnerability
2022-11-16 00:00:00
wpexploit
wpexploit
Becustom < 1.0.5.3 - Settings Update via CSRF
2022-11-14 00:00:00
packetstorm
packetstorm
WordPress BeTheme BeCustom 1.0.5.2 Cross Site Request Forgery
2022-11-15 00:00:00
nvd
nvd
CVE-2022-3747
2022-11-29 21:15:11
prion
prion
Cross site request forgery (csrf)
2022-11-29 21:15:00