2 matches found
CVE-2022-2276
CVE-2022-2276 affects the WordPress plugin WP Edit Menu (versions prior to 1.5.0). The issue is a lack of authorization and CSRF protection in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts or pages from a blog. The core impact is unauthorized post/page dele...
CVE-2022-2275
The CVE-2022-2275 instance concerns the WP Edit Menu WordPress plugin (versions before 1.5.0). The root cause is missing CSRF protection in an AJAX action, which could allow a logged-in administrator to delete arbitrary posts or pages via CSRF. Affected component: the plugin’s AJAX endpoint used ...