3 matches found
CVE-2022-3899
The 3dprint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will delete any number of files or directories on the target server by tricking a logged ...
CVE-2022-3899
The CVE-2022-3899 entry describes a CSRF vulnerability in the 3dprint WordPress plugin (versions prior to 3.5.6.9) that uses a modified Tiny File Manager. The underlying issue is a lack of CSRF protection in the file management component, allowing an attacker to craft a request that can delete fi...
CVE-2022-3899 3DPrint < 3.5.6.9 - Arbitrary File and Directory Deletion via CSRF
The 3dprint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will delete any number of files or directories on the target server by tricking a logged ...