Lucene search
WpvulndbWPVDB-ID:84C3F0C5-4C64-49BD-AE4B-B73DBF1302E5HistoryJun 01, 2022 - 12:00 a.m.
Mobile Browser Color Select <= 1.0.1 - Stored Cross-Site Scripting via CSRF
2022-06-0100:00:00
wpscan.com
9
0.001 Low
EPSS
Percentile
50.5%
The plugin is lacking CSRF check in its admin_update_data() function, which could allow attackers to make a logged in admin call it, and perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping in the processed user input
| CPE | Name | Operator | Version |
|---|---|---|---|
| mobile-browser-color-select | eq | * |
Related
cvelist
cvelist
CVE-2022-1969
2022-06-13 13:15:13
patchstack
patchstack
cve
cve
CVE-2022-1969
2022-06-13 14:15:08
cnvd
cnvd
WordPress Mobile browser color select plugin跨站请求伪造漏洞
2022-06-15 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-06-13 14:15:00
nvd
nvd
CVE-2022-1969
2022-06-13 14:15:08