Lucene search
WpvulndbWPVDB-ID:DC65A65A-B588-4D7E-81C0-B72008D75379HistoryMay 06, 2022 - 12:00 a.m.
Remove CPT Base < 5.9 - CPT Deletion via CSRF
2022-05-0600:00:00
wpscan.com
7
csrf
custom post type
deletion
security
software
EPSS
0.001
Percentile
20.8%
The plugin does not have CSRF check in place when deleting the custom post type (CPT), allowing attackers to make a logged in admin do such action via a CSRF attack
Related
patchstack
patchstack
cvelist
cvelist
CVE-2022-29431 Remove CPT base <= 5.8 - CSRF leads to CPT base deletion
2022-05-20 20:47:12
prion
prion
Cross site request forgery (csrf)
2022-05-20 21:15:00
cve
cve
CVE-2022-29431
2022-05-20 21:15:10
nvd
nvd
CVE-2022-29431
2022-05-20 21:15:10