Lucene search
China National Vulnerability DatabaseCNVD-2022-55708HistoryJun 15, 2022 - 12:00 a.m.
WordPress Private Files plugin跨站请求伪造漏洞
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
25.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Private Files plugin version 0.40 and earlier versions are vulnerable to cross-site request forgery, which stems from a lack of CSRF checks. An attacker could use this vulnerability to enable a logged-in administrator to perform such an action and make the blog public via a CSRF attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress private files plugin | lt | 0.40 |
Related
wpvulndb
wpvulndb
Private Files <= 0.40 - Protection Disabling via CSRF
2022-05-23 00:00:00
cve
cve
CVE-2022-1793
2022-06-13 13:15:13
cvelist
cvelist
CVE-2022-1793 Private Files <= 0.40 - Protection Disabling via CSRF
2022-06-13 12:43:02
nvd
nvd
CVE-2022-1793
2022-06-13 13:15:13
wpexploit
wpexploit
Private Files <= 0.40 - Protection Disabling via CSRF
2022-05-23 00:00:00
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-06-13 13:15:00