Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-91416
HistoryNov 22, 2021 - 12:00 a.m.

WordPress Cross-site Request Forgery Vulnerability (CNVD-2021-91416)

2021-11-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
wordpress
cross-site request forgery
vulnerability
qr redirector
php
mysql
ajax
plugin

EPSS

0.001

Percentile

36.7%

JSON

WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. cross-site request forgery vulnerability exists in versions prior to 1.6 of the QR Redirector plugin for WordPress, which stems from the QR_save_bulk AJAX operation when saving Batch QR Redirector settings are not checked for CSRF. An attacker could exploit this vulnerability to change the response status code of any QR redirect.

Related

wpvulndb 1
cvelist 1
cve 1
nvd 1
patchstack 1
prion 1
wpexploit 1
wpvulndb
wpvulndb
QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status Update
2021-10-18 00:00:00
cvelist
cvelist
CVE-2021-24853 QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status Update
2021-11-17 10:15:57
cve
cve
CVE-2021-24853
2021-11-17 11:15:08
nvd
nvd
CVE-2021-24853
2021-11-17 11:15:08
patchstack
patchstack
WordPress QR Redirector plugin <= 1.5 - Arbitrary QR Redirect Response Status Update vulnerability
2021-10-18 00:00:00
prion
prion
Cross site request forgery (csrf)
2021-11-17 11:15:00
wpexploit
wpexploit
QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status Update
2021-10-18 00:00:00

EPSS

0.001

Percentile

36.7%

JSON
Related for CNVD-2021-91416
wpvulndb1cvelist1cve1nvd1patchstack1prion1wpexploit1