Lucene search

K
wpvulndbWpvulndbWPVDB-ID:A2E9B803-832E-4768-8056-059EA29F90D1
HistoryFeb 07, 2023 - 12:00 a.m.

Wicked Folders < 2.18.17 - Folder Structure Update via CSRF

2023-02-0700:00:00
wpscan.com
8
wicked folders
csrf
folder structure
admins
attackers
security issue

EPSS

0.002

Percentile

51.9%

The plugin does not have CSRF checks when managing its folder structure (such as moving, deleting, creating etc folders), which could allow attackers to make logged admins perform such actions via CSRF attacks

CPENameOperatorVersion
wicked-folderslt2.18.17

EPSS

0.002

Percentile

51.9%

Related for WPVDB-ID:A2E9B803-832E-4768-8056-059EA29F90D1