Lucene search
China National Vulnerability DatabaseCNVD-2022-85531HistoryNov 24, 2022 - 12:00 a.m.
WordPress All-In-One Security (AIOS) - Security and Firewall plugin cross-site request forgery vulnerability
2022-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
wordpress
aios plugin
version 5.1.0
cross-site request forgery
security vulnerability
firewall
php
wordpress foundation
bulk operations
attack
EPSS
0.001
Percentile
32.3%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress All-In-One Security (AIOS) - Security and Firewall plugin version 5.1.0 and earlier is vulnerable to cross-site request forgery, which is caused by its inability to check random numbers for bulk operations and can be exploited to launch cross-site request forgery attacks.
Related
prion
prion
Cross site request forgery (csrf)
2022-11-22 16:15:00
patchstack
patchstack
openvas
openvas
nvd
nvd
CVE-2022-44737
2022-11-22 16:15:11
cvelist
cvelist
cve
cve
CVE-2022-44737
2022-11-22 16:15:11
wpvulndb
wpvulndb
All-In-One Security < 5.1.1 - Bulk Actions via CSRF
2022-11-22 00:00:00