wpvulndb
Daniel Ruf
WPVDB-ID:B1A52C7E-3422-40DD-AF5A-EA4C622A87AA
Aug 23, 2022 - 12:00 a.m.

WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRF

wpscan.com
Tags: wordpress, ping optimizer, arbitrary settings update, csrf, attackers, poc, software

EPSS: 0.001

Percentile: 25.9%

The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.

PoC

http://evil.com aaaa bbbb
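
What the missing check looks like when it is present, as an added example that is not the Ping Optimizer source or its patch: a minimal WordPress settings form and save handler that verify both capability and a nonce before writing options. Every `example_ping_*` name, the option key and the page slug are hypothetical.

```php
<?php
/**
 * Plugin Name: Example Ping Settings (illustration only)
 * All example_ping_* names are hypothetical; this is not the Ping Optimizer source.
 */

// Register the settings page under Settings in wp-admin.
add_action( 'admin_menu', function () {
    add_options_page( 'Example Ping Settings', 'Example Ping', 'manage_options',
        'example-ping', 'example_ping_render_form' );
} );

// Render the form. wp_nonce_field() emits a hidden token bound to the current
// user, session and action name, which a cross-site page cannot read or guess.
function example_ping_render_form() {
    $urls = get_option( 'example_ping_urls', '' );
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_ping_save">
        <?php wp_nonce_field( 'example_ping_save', 'example_ping_nonce' ); ?>
        <textarea name="example_ping_urls" rows="5" cols="60"><?php echo esc_textarea( $urls ); ?></textarea>
        <?php submit_button(); ?>
    </form>
    <?php
}

// Handle the POST. admin_post_* hooks fire only for logged-in users.
add_action( 'admin_post_example_ping_save', 'example_ping_save' );

function example_ping_save() {
    // Authorization: the session must belong to a user allowed to change options.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // CSRF check: stops the request unless a valid nonce for this action is present.
    // Leaving this call out is the class of bug the advisory describes.
    check_admin_referer( 'example_ping_save', 'example_ping_nonce' );

    $urls = isset( $_POST['example_ping_urls'] )
        ? sanitize_textarea_field( wp_unslash( $_POST['example_ping_urls'] ) )
        : '';
    update_option( 'example_ping_urls', $urls );

    wp_safe_redirect( admin_url( 'options-general.php?page=example-ping&updated=1' ) );
    exit;
}
```

The capability check and the nonce check answer different questions (who is asking, and whether the request came from the plugin's own form), so a handler needs both.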
