2 matches found
CVE-2022-1610 Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRF
The Seamless Donations WordPress plugin before 5.1.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2022-1610
CVE-2022-1610 affects the WordPress plugin Seamless Donations (versions before 5.1.9). The root cause is a missing CSRF check when updating settings, which could let a logged-in attacker perform a CSRF attack to change settings. Public references (NVD, RH, CNVD, CVE lists) corroborate the vulnera...