Cross site request forgery (csrf)

2022-02-2111:15:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.6%

JSON

The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack

CPENameOperatorVersion
anycommentlt0.2.18

CPE	Name	Operator	Version
	anycomment	lt	0.2.18

References

wpscan.com/vulnerability/fa09ea9b-d5a0-4773-a692-9ff0200bcd85