CVE-2022-1846

The CVE-2022-1846 entry concerns the Tiny Contact Form WordPress plugin (version up to 0.7) that lacks a CSRF check when updating settings, enabling a logged-in administrator to be coerced into changing settings via a CSRF attack. The connected documents consistently describe the vulnerability as...