Lucene search
China National Vulnerability DatabaseCNVD-2022-54354HistoryJun 30, 2022 - 12:00 a.m.
WordPress Cimy Header Image Rotator plugin跨站请求伪造漏洞
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
wordpress
plugin
vulnerability
csrf
attack
configuration
EPSS
0.001
Percentile
25.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Cimy Header Image Rotator plugin 6.1.1 and earlier versions are vulnerable to cross-site request forgery, which stems from the failure to perform CSRF checks when updating its settings. An attacker could use this vulnerability to get the logged-in administrator to change the configuration via a CSRF attack.
Related
cvelist
cvelist
nvd
nvd
CVE-2022-1885
2022-06-27 09:15:10
prion
prion
Cross site request forgery (csrf)
2022-06-27 09:15:00
wpexploit
wpexploit
Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF
2022-06-01 00:00:00
wpvulndb
wpvulndb
Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF
2022-06-01 00:00:00
cve
cve
CVE-2022-1885
2022-06-27 09:15:10