CVE-2022-2435

The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure function found in the /anymind-widget-id.php file. This makes it possible for unauthenticated attackers to...

Cross site request forgery (csrf)

The AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure function found in the /anymind-widget-id.php file. This makes it possible for unauthenticated attackers to...

WordPress plugin AnyMind Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin AnyMind Widget 1.1 and...

PT-2022-16633

Name of the Vulnerable Software and Affected Versions AnyMind Widget plugin for WordPress versions up to, and including 1.1 Description The issue is due to missing nonce protection on the createDOMStructure function found in the /anymind-widget-id.php file. This makes it possible for...