Lucene search
WpvulndbWPVDB-ID:C1B448E0-430A-4F47-ADED-77AF8D291232HistoryAug 02, 2022 - 12:00 a.m.
MaxButtons < 9.3 - Arbitrary Settings Update via CSRF
2022-08-0200:00:00
wpscan.com
10
maxbuttons
csrf
vulnerability
settings
update
software
EPSS
0.001
Percentile
41.8%
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Related
cvelist
cvelist
cve
cve
CVE-2022-36346
2022-08-22 15:15:16
nvd
nvd
CVE-2022-36346
2022-08-22 15:15:16
prion
prion
Cross site request forgery (csrf)
2022-08-22 15:15:00
patchstack
patchstack
openvas
openvas
WordPress MaxButtons Plugin < 9.3 Multiple Vulnerabilities
2023-10-05 00:00:00