CVE-2022-1092
The CVE-2022-1092 entry corresponds to the WordPress plugin myCred, specifically versions prior to 2.4.3.1. The vulnerability is in the mycred-tools-import-export AJAX action, which lacks authorization and CSRF checks, allowing any authenticated user to call the action and disclose the list of em...