3 matches found
CVE-2022-2355
The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...
CVE-2022-2355
The CVE-2022-2355 entry affects the WordPress plugin Easy Username Updater (versions prior to 1.0.5). The root cause is lack of CSRF checks, which could allow a logged-in admin to arbitrarily change any user’s username (including the admin). Affected behavior and impact are described in multiple ...
CVE-2022-2355 Easy Username Updater < 1.0.5 - Arbitrary Username Update via CSRF
The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...