3 matches found
CVE-2022-2276
The WP Edit Menu WordPress plugin before 1.5.0 does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog...
CVE-2022-2276 WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion
The WP Edit Menu WordPress plugin before 1.5.0 does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog...
CVE-2022-2276
CVE-2022-2276 affects the WordPress plugin WP Edit Menu (versions prior to 1.5.0). The issue is a lack of authorization and CSRF protection in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts or pages from a blog. The core impact is unauthorized post/page dele...