Lucene search
PRIOn knowledge basePRION:CVE-2022-2071HistoryJul 25, 2022 - 1:15 p.m.
Cross site request forgery (csrf)
2022-07-2513:15:00
PRIOn knowledge base
www.prio-n.com
5
0.001 Low
EPSS
Percentile
26.5%
The Name Directory WordPress plugin before 1.25.4 does not have CSRF check when importing names, and is also lacking sanitisation as well as escaping in some of the imported data, which could allow attackers to make a logged in admin import arbitrary names with XSS payloads in them.
| CPE | Name | Operator | Version |
|---|---|---|---|
| name_directory | lt | 1.25.4 |
Related
wpvulndb
wpvulndb
Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF
2022-07-04 00:00:00
nvd
nvd
CVE-2022-2071
2022-07-25 13:15:08
wpexploit
wpexploit
Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF
2022-07-04 00:00:00
cvelist
cvelist
CVE-2022-2071 Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF
2022-07-25 12:46:28
patchstack
patchstack
cnvd
cnvd
WordPress plugin Name Directory跨站请求伪造漏洞
2022-07-27 00:00:00
cve
cve
CVE-2022-2071
2022-07-25 13:15:08