Lucene search
Lana Codes (Patchstack Alliance)PATCHSTACK:601817C7C74CBF53FE846EFA64CDD97CHistoryNov 09, 2022 - 12:00 a.m.
WordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability
2022-11-0900:00:00
Lana Codes (Patchstack Alliance)
patchstack.com
14
wordpress
rest api
authentication
csrf
vulnerability
patchstack alliance
plugin
settings
update
0.001 Low
EPSS
Percentile
32.5%
Cross-Site Request Forgery (CSRF) vulnerability leading to plugin settings change discovered by Lana Codes (Patchstack Alliance) in WordPress REST API Authentication plugin (versions <= 2.4.0).
Solution
Update the WordPress WordPress REST API Authentication plugin to the latest available version (at least 2.4.1).
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress rest api authentication | le | 2.4.0 |
Related
wpvulndb
wpvulndb
REST API Authentication < 2.4.1 - Settings Update via CSRF
2022-11-09 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-11-18 23:15:00
nvd
nvd
CVE-2022-45073
2022-11-18 23:15:29
cve
cve
CVE-2022-45073
2022-11-18 23:15:29
cvelist
cvelist