Lucene search

K
wpvulndbWpvulndbWPVDB-ID:54809EAE-E69A-40E4-B5D5-228BFFAC1A39
HistoryFeb 06, 2023 - 12:00 a.m.

ShopLentor < 2.5.2 - Settings Update via CSRF

2023-02-0600:00:00
wpscan.com
13
shoplentor
plugin
settings
csrf
vulnerability
attack
admin
software

EPSS

0.001

Percentile

20.5%

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

EPSS

0.001

Percentile

20.5%

Related for WPVDB-ID:54809EAE-E69A-40E4-B5D5-228BFFAC1A39