Lucene search
Daniel RufPATCHSTACK:123828691FA0A4507ABD364972A1D72DHistoryJun 20, 2022 - 12:00 a.m.
WordPress WP Opt-in plugin <= 1.4.1 - Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability
2022-06-2000:00:00
Daniel Ruf
patchstack.com
3
wordpress
opt-in
plugin
csrf
vulnerability
daniel ruf
arbitrary settings update
EPSS
0.001
Percentile
25.9%
Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability discovered by Daniel Ruf in WordPress WP Opt-in plugin (versions <= 1.4.1).
Solution
Deactivate and delete. This plugin has been closed as of June 15, 2022 and is not available for download. This closure is temporary, pending a full review.
Related
cve
cve
CVE-2022-2123
2022-07-11 13:15:09
cnvd
cnvd
WordPress Opt-in plugin cross-site request forgery vulnerability
2022-07-13 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-07-11 13:15:00
wpvulndb
wpvulndb
WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF
2022-06-20 00:00:00
cvelist
cvelist
CVE-2022-2123 WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF
2022-07-11 12:57:36
wpexploit
wpexploit
WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF
2022-06-20 00:00:00
nvd
nvd
CVE-2022-2123
2022-07-11 13:15:09