Lucene search
Lana Codes (Patchstack Alliance)PATCHSTACK:AE03B1FF126B7A52FA5BB6BF313D0116HistorySep 21, 2022 - 12:00 a.m.
WordPress FavIcon Switcher plugin <= 1.2.11 - Cross-Site Request Forgery (CSRF) vulnerability
2022-09-2100:00:00
Lana Codes (Patchstack Alliance)
patchstack.com
8
wordpress
favicon switcher
csrf
vulnerability
patchstack alliance
EPSS
0.001
Percentile
20.9%
Cross-Site Request Forgery (CSRF) vulnerability was discovered by Lana Codes (Patchstack Alliance) in the WordPress FavIcon Switcher plugin (versions <= 1.2.11).
Solution
Deactivate and delete. This plugin has been closed as of September 19, 2022 and is not available for download. This closure is temporary, pending a full review.
Related
cvelist
cvelist
nvd
nvd
CVE-2022-40219
2022-09-21 19:15:13
cve
cve
CVE-2022-40219
2022-09-21 19:15:13
wpvulndb
wpvulndb
FavIcon Switcher <= 1.2.11 - Arbitrary Settings Change via CSRF
2022-09-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-09-21 19:15:00