CVE-2022-1885
CVE-2022-1885 affects the Cimy Header Image Rotator WordPress plugin up to version 6.1.1. The root cause is missing CSRF protection when updating settings, enabling an attacker to induce a logged-in admin to change configurations via CSRF. Multiple sources (NVD/Red Hat/CVE lists and WPScan/WP vul...