Lucene search
PRIOn knowledge basePRION:CVE-2022-1900HistoryJun 13, 2022 - 1:15 p.m.
Cross site request forgery (csrf)
2022-06-1313:15:00
PRIOn knowledge base
www.prio-n.com
5
The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it possible for unauthenticated attackers to update the plugins settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Related
patchstack
patchstack
wpvulndb
wpvulndb
Copify <= 1.3.0 - Stored Cross-Site Scripting via CSRF
2022-06-08 00:00:00
cve
cve
CVE-2022-1900
2022-06-13 13:15:13
cnvd
cnvd
WordPress plugin Copify cross-site request forgery vulnerability
2022-06-15 00:00:00
cvelist
cvelist
CVE-2022-1900
2022-06-13 12:47:42
nvd
nvd
CVE-2022-1900
2022-06-13 13:15:13