Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-24901

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00513EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.5 views

CVE-2022-1612

The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.5CVSS6.7AI score0.00513EPSS
Exploits2References1
CNVD
CNVD
added 2022/06/15 12:0 a.m.24 views

WordPress Webriti SMTP Mail plugin跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Webriti SMTP Mail plugin version 1.0 and earlier versions are vulnerable to cross-site request...

4.3CVSS2.3AI score0.00513EPSS
Exploits2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/13 1:15 p.m.3 views

CVE-2022-1612

The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.5CVSS6.6AI score0.00513EPSS
Exploits2References2
NVD
NVD
added 2022/06/13 1:15 p.m.18 views

CVE-2022-1612

The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.5CVSS0.00513EPSS
Exploits2References1
Prion
Prion
added 2022/06/13 1:15 p.m.17 views

Cross site request forgery (csrf)

The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS6.3AI score0.00513EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/06/13 12:42 p.m.76 views

CVE-2022-1612

CVE-2022-1612 : The Webriti SMTP Mail WordPress plugin (version ≤ 1.0) lacks CSRF protection when updating settings, enabling a logged-in admin or attacker with user access to alter configuration via a CSRF attack. Impact is stated as possible arbitrary settings changes; exploits are demonstrated...

6.5CVSS6.3AI score0.00513EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/06/13 12:42 p.m.24 views

CVE-2022-1612 Webriti SMTP Mail <= 1.0 - Arbitrary Settings Update via CSRF

The Webriti SMTP Mail WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.6AI score0.00513EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.3 views

WordPress plugin Webriti SMTP Mail 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Webriti SMTP Mail plugin version 1.0 and earlier versions are vulnerable to cross-site request...

6.5CVSS5.5AI score0.00513EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.24 views

Webriti SMTP Mail <= 1.0 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC...

6.5CVSS4.4AI score0.00513EPSS
Exploits2Affected Software1
Rows per page
Query Builder