Lucene search
China National Vulnerability DatabaseCNVD-2021-102816HistoryDec 18, 2021 - 12:00 a.m.
WordPress Pixel Cat plugin cross-site request forgery vulnerability
2021-12-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
pixel cat
plugin
cross-site request forgery
vulnerability
php
mysql
spoofed malicious request
sensitive action
EPSS
0.001
Percentile
32.0%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. Pixel Cat Plugin is a WordPress open source application plugin. WordPress Pixel Cat Plugins has a cross-site request forgery vulnerability prior to 2.6.2, which stems from the Pixel Cat WordPress plugin not adequately saving settings when verify that the request comes from a trusted user. An attacker could use the spoofed malicious request to trick victims into clicking through to perform a sensitive action.
Related
cvelist
cvelist
CVE-2021-24922 Pixel Cat Lite < 2.6.2 - CSRF to Stored Cross-Site Scripting
2021-12-13 10:41:19
wpvulndb
wpvulndb
Pixel Cat Lite < 2.6.2 - CSRF to Stored Cross-Site Scripting
2021-11-15 00:00:00
patchstack
patchstack
wpexploit
wpexploit
Pixel Cat Lite < 2.6.2 - CSRF to Stored Cross-Site Scripting
2021-11-15 00:00:00
prion
prion
Cross site scripting
2021-12-13 11:15:00
nvd
nvd
CVE-2021-24922
2021-12-13 11:15:09
cve
cve
CVE-2021-24922
2021-12-13 11:15:09