Lucene search
China National Vulnerability DatabaseCNVD-2021-101946HistoryDec 18, 2021 - 12:00 a.m.
WordPress Temporary Login Without Password plugin cross-site request forgery vulnerability
2021-12-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
wordpress
temporary login
cross-site request forgery
vulnerability
php
mysql
settings
attackers
update
exploited
EPSS
0.001
Percentile
21.2%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. WordPress Temporary Login Without Password plugin has a cross-site request forgery vulnerability in versions prior to 1.7.1, which stems from updating its The vulnerability is caused by the failure to authorize and CSRF check when updating its settings, which can be exploited by attackers to update the settings.
Related
patchstack
patchstack
wpexploit
wpexploit
cve
cve
CVE-2021-24836
2021-12-13 11:15:08
wpvulndb
wpvulndb
cvelist
cvelist
nvd
nvd
CVE-2021-24836
2021-12-13 11:15:08
prion
prion
Cross site request forgery (csrf)
2021-12-13 11:15:00