Lucene search
China National Vulnerability DatabaseCNVD-2022-86371HistoryNov 30, 2022 - 12:00 a.m.
WordPress WP Affiliate Platform plugin cross-site request forgery vulnerability
2022-11-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
wordpress
affiliate platform
cross-site request forgery
vulnerability
php
blogging platforms
random numbers
attacks
security
EPSS
0.001
Percentile
23.6%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP Affiliate Platform plugin 6.3.9 and earlier versions contain a cross-site request forgery vulnerability that results from the failure to validate random numbers for various functions, which can be exploited to launch cross-site request forgery attacks.
Related
cvelist
cvelist
CVE-2022-3898
2022-11-29 20:42:19
cve
cve
CVE-2022-3898
2022-11-29 21:15:11
prion
prion
Cross site request forgery (csrf)
2022-11-29 21:15:00
nvd
nvd
CVE-2022-3898
2022-11-29 21:15:11
wpvulndb
wpvulndb
WP Affiliate Platform < 6.4.0 - Affiliate Record Deletion via CSRF
2022-11-14 00:00:00