Lucene search
Chloe Chamberland (Wordfence)PATCHSTACK:795CF468E5F65C2D4D27337A139537DAHistoryJan 13, 2022 - 12:00 a.m.
WordPress Login/Signup Popup plugin <= 2.2 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Options Update
2022-01-1300:00:00
Chloe Chamberland (Wordfence)
patchstack.com
8
0.005 Low
EPSS
Percentile
76.2%
Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Options Update discovered by Chloe Chamberland (Wordfence) in WordPress Login/Signup Popup plugin (versions <= 2.2).
Solution
Update the WordPress Login/Signup Popup plugin to the latest available version (at least 2.3).
| CPE | Name | Operator | Version |
|---|---|---|---|
| login/signup popup | le | 2.2 |
Related
thn
thn
High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites
2022-01-17 05:18:00
hivepro
hivepro
patchstack
patchstack
cve
cve
CVE-2022-0215
2022-01-18 17:15:10
wordfence
wordfence
84,000 WordPress Sites Affected by Three Plugins With The Same Vulnerability
2022-01-13 14:54:00
wpexploit
wpexploit
XootiX Plugins - Various Versions CSRF to Arbitrary Options Update
2022-01-13 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-0215
2022-01-18 17:15:10
wpvulndb
wpvulndb
XootiX Plugins - Various Versions CSRF to Arbitrary Options Update
2022-01-13 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-01-18 17:15:00