Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:54 p.m.6 views

CVE-2022-2355

The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...

6.5CVSS6.7AI score0.00319EPSS
Exploits2References1
NVD
NVD
added 2022/08/08 2:15 p.m.16 views

CVE-2022-2355

The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...

6.5CVSS0.00319EPSS
Exploits2References1
OSV
OSV
added 2022/08/08 2:15 p.m.2 views

CVE-2022-2355

The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...

6.5CVSS5.8AI score0.00319EPSS
Exploits2References1
Prion
Prion
added 2022/08/08 2:15 p.m.18 views

Cross site request forgery (csrf)

The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...

4.3CVSS6.4AI score0.00319EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/08/08 1:46 p.m.74 views

CVE-2022-2355

The CVE-2022-2355 entry affects the WordPress plugin Easy Username Updater (versions prior to 1.0.5). The root cause is lack of CSRF checks, which could allow a logged-in admin to arbitrarily change any user’s username (including the admin). Affected behavior and impact are described in multiple ...

6.5CVSS6.4AI score0.00319EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/08/08 12:0 a.m.2 views

WordPress Plugin Easy Username Updater 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

6.5CVSS6.3AI score0.00319EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2022/08/08 12:0 a.m.4 views

PT-2022-16067 · WordPress · Easy Username Updater

Name of the Vulnerable Software and Affected Versions: Easy Username Updater WordPress plugin versions prior to 1.0.5 Description: The issue is related to the lack of CSRF checks in the Easy Username Updater WordPress plugin. This could allow attackers to make a logged-in admin change any user's...

6.5CVSS6.3AI score0.00319EPSS
Exploits2References5
wpexploit
wpexploit
added 2022/07/18 12:0 a.m.179 views

Easy Username Updater < 1.0.5 - Arbitrary Username Update via CSRF

The plugin does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin...

6.5CVSS1.1AI score0.00319EPSS
Exploits2
Patchstack
Patchstack
added 2022/07/18 12:0 a.m.18 views

WordPress Easy Username Updater plugin <= 1.0.4 - Arbitrary Username Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Username Update via Cross-Site Request Forgery CSRF vulnerability discovered by Raad Haddad in WordPress Easy Username Updater plugin versions = 1.0.4. Solution Update the WordPress Easy Username Updater plugin to the latest available version at least 1.0.5...

6.5CVSS2.8AI score0.00319EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder