2 matches found
CVE-2022-1826 Cross-Linker <= 3.0.1.9 - Arbitrary Cross-Link Creation via CSRF
The Cross-Linker WordPress plugin through 3.0.1.9 does not have CSRF check in place when creating Cross-Links, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
CVE-2022-1826
The CVE-2022-1826 entry concerns the WordPress Cross-Linker plugin (versions up to 3.0.1.9). The vulnerability is a missing CSRF check when creating Cross-Links, which could allow an attacker to induce a logged-in administrator to perform arbitrary link creation via a CSRF attack. Root cause: abs...