Source: patchstack
Reporter: Yamato Kamioka
ID: PATCHSTACK:6C3022AAE8879333876AA643FD059792
Published: Sep 22, 2022 - 12:00 a.m.

WordPress Demon Image Annotation plugin <= 4.7 - Arbitrary Settings Update to Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability


EPSS: 0.002 (Low)
Percentile: 60.8%

Arbitrary Settings Update leading to Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability discovered by Yamato Kamioka in WordPress Demon Image Annotation plugin (versions <= 4.7).

Solution

Update the WordPress Demon Image Annotation plugin to the latest available version (at least 4.8).

CPE | Name | Operator | Version
 | demon image annotation | le | 4.7
