Lucene search
Daniel RufWPVDB-ID:31B413E1-D4B5-463E-9910-37876881C062HistoryMay 23, 2022 - 12:00 a.m.
Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF
2022-05-2300:00:00
Daniel Ruf
wpscan.com
6
0.001 Low
EPSS
Percentile
26.3%
The plugin is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.
PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| peters-collaboration-e-mails | eq | * |
Related
cnvd
cnvd
nvd
nvd
CVE-2022-1761
2022-06-13 13:15:12
prion
prion
Cross site request forgery (csrf)
2022-06-13 13:15:00
patchstack
patchstack
wpexploit
wpexploit
Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF
2022-05-23 00:00:00
cvelist
cvelist
cve
cve
CVE-2022-1761
2022-06-13 13:15:12