3 matches found
CVE-2022-36404
Missing Authorization, Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO WordPress plugin plugin = 1.8.12 versions...
CVE-2022-36404 WordPress Simple SEO plugin <= 1.8.12 - Broken Access Control vulnerability
Missing Authorization, Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO WordPress plugin plugin = 1.8.12 versions...
CVE-2022-36404
CVE-2022-36404 affects the WordPress Simple SEO plugin, vulnerable in versions prior to 1.8.13 due to Missing Authorization/Broken Access Control that enables Cross-Site Request Forgery (CSRF) to manipulate sitemaps. Affected component: plugin’s sitemap creation/deletion function. Impact per sour...