wpexploit / Wpvulndb / WPEX-ID:0589C52A-93E4-4CBD-9147-90073D74C88F
History: Oct 18, 2022 - 12:00 a.m.

ImageMagick-Engine < 1.7.6 - Command Injection via CSRF

2022-10-18 00:00:00
wpvulndb
imagemagick-engine command-injection csrf wordpress-exploit

EPSS: 0.016 (Low), percentile 87.6%

The plugin is missing CSRF checks in multiple actions, which could allow attackers to make a logged-in admin perform unwanted actions. In this case, it could lead to RCE via command injection.

https://example.com/wp-admin/admin-ajax.php?action=ime_test_im_path&cli_path=payload
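For defenders checking whether a site was targeted before updating to 1.7.6, the following added example (not part of the original advisory or the plugin's code) scans web access logs for requests to the `ime_test_im_path` action shown above. It assumes combined log format and the site host `example.com`; the log lines, IPs and the `inspect`/`scan` helper names are constructed for illustration, and only the one action named on this page is covered.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (combined format); hosts, IPs and values are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [18/Oct/2022:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=ime_test_im_path&cli_path=%2Fusr%2Fbin HTTP/1.1" 200 1 "https://example.com/wp-admin/" "UA"
198.51.100.7 - - [18/Oct/2022:10:04:12 +0000] "GET /wp-admin/admin-ajax.php?action=ime_test_im_path&cli_path=%2Fusr%2Fbin%3BCONSTRUCTED HTTP/1.1" 200 1 "https://other.example/page.html" "UA"
192.0.2.10 - - [18/Oct/2022:10:09:30 +0000] "GET /wp-admin/admin-ajax.php?action=ime_test_im_path&cli_path=%2Fusr%2Flocal%2Fbin HTTP/1.1" 200 1 "-" "UA"
192.0.2.10 - - [18/Oct/2022:10:10:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 1 "https://example.com/wp-admin/" "UA"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)
# Conservative allowlist for a directory path; anything else is worth a look.
PLAIN_PATH = re.compile(r"[A-Za-z0-9_./-]*")


def inspect(line, site_host):
    """Return a finding dict for a suspicious ime_test_im_path request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    query = parse_qs(url.query, keep_blank_values=True)
    if not url.path.endswith("/wp-admin/admin-ajax.php") or "ime_test_im_path" not in query.get("action", []):
        return None
    reasons = []
    # CSRF indicator: the admin's browser was sent here from another origin (or no Referer).
    if urlsplit(m["referer"]).hostname != site_host:
        reasons.append("cross-site-or-missing-referer")
    # Injection indicator: cli_path decodes to something that is not a plain path.
    if any(not PLAIN_PATH.fullmatch(v) for v in query.get("cli_path", [])):
        reasons.append("cli_path-not-plain-path")
    if not reasons:
        return None
    return {"ip": m["ip"], "time": m["time"], "reasons": reasons}


def scan(log_text, site_host="example.com"):
    """Inspect every line and keep only the findings."""
    return [f for f in (inspect(l, site_host) for l in log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Because this is CSRF, the client IP on a flagged line belongs to the admin's browser, so the Referer value is the lead worth following. Parameters sent in a POST body do not appear in access logs and are not covered by this check.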
