Lucene search
China National Vulnerability DatabaseCNVD-2022-55706HistoryJun 15, 2022 - 12:00 a.m.
WordPress OnePress Social Locker plugin跨站请求伪造漏洞
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
wordpress
onepress
social locker
plugin
csrf
vulnerability
cross-site request forgery
attacker
administrator
php
version 5.6.2
EPSS
0.001
Percentile
26.3%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress OnePress Social Locker plugin version 5.6.2 and prior versions are vulnerable to cross-site request forgery, which stems from a failure to perform CSRF check when updating its settings. An attacker could exploit this vulnerability to allow an attacker to make logged-in administrators change them via a CSRF attack.
Related
cvelist
cvelist
wpvulndb
wpvulndb
OnePress Social Locker <= 5.6.2 - Arbitrary Settings Update via CSRF
2022-05-18 00:00:00
patchstack
patchstack
cve
cve
CVE-2022-1608
2022-06-13 13:15:11
prion
prion
Cross site request forgery (csrf)
2022-06-13 13:15:00
wpexploit
wpexploit
OnePress Social Locker <= 5.6.2 - Arbitrary Settings Update via CSRF
2022-05-18 00:00:00
nvd
nvd
CVE-2022-1608
2022-06-13 13:15:11