Lucene search
WpvulndbWPVDB-ID:A2FB654F-33A4-44EA-A1A4-40CB4EEFBBFCHistoryMay 24, 2023 - 12:00 a.m.
Store Locator <= 3.98.7 - Settings Update via CSRF
2023-05-2400:00:00
wpscan.com
3
csrf
settings update
logged in admin
software
0.001 Low
EPSS
Percentile
27.6%
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
| CPE | Name | Operator | Version |
|---|---|---|---|
| store-locator | lt | 3.98.8 |
Related
cnvd
cnvd
cvelist
cvelist
cve
cve
CVE-2022-47446
2023-05-24 17:15:09
prion
prion
Cross site request forgery (csrf)
2023-05-24 17:15:00
nvd
nvd
CVE-2022-47446
2023-05-24 17:15:09