2 matches found
CVE-2022-4023
The 3DPrint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will create an archive of any files or directories on the target server by tricking a...
CVE-2022-4023
The CVE-2022-4023 issue affects the 3DPrint WordPress plugin prior to version 3.5.6.9. A CSRF vulnerability in the modified Tiny File Manager component allows an authenticated admin to trigger creation of an archive containing arbitrary files and directories. The archive is created at a predictab...