2 matches found
CVE-2022-4386
CVE-2022-4386 corresponds to a CSRF in the WordPress plugin Intuitive Custom Post Order, affecting versions up to 3.1.3. The update-menu-order AJAX action lacks CSRF protection, enabling an attacker to induce a user to change menu order. The entry notes vulnerability details and explicitly lists ...
CVE-2022-4385
Summary: The WordPress plugin Intuitive Custom Post Order (