Lucene search
Muhamad hidayatWPVDB-ID:7C63D76E-34CA-4778-8784-437D446C16E0HistoryFeb 23, 2022 - 12:00 a.m.
Amelia < 1.0.46 - Arbitrary Customer Deletion via CSRF
2022-02-2300:00:00
muhamad hidayat
wpscan.com
3
0.001 Low
EPSS
Percentile
26.0%
The plugin does not have CSRF check in place when deleting customers, which could allow attackers to make a logged in admin delete arbitrary customers via a CSRF attack
PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| ameliabooking | lt | 1.0.46 |
Related
prion
prion
Cross site request forgery (csrf)
2022-03-21 19:15:00
patchstack
patchstack
cvelist
cvelist
CVE-2022-0616 Amelia < 1.0.46 - Arbitrary Customer Deletion via CSRF
2022-03-21 18:55:50
nvd
nvd
CVE-2022-0616
2022-03-21 19:15:10
wpexploit
wpexploit
Amelia < 1.0.46 - Arbitrary Customer Deletion via CSRF
2022-02-23 00:00:00
cve
cve
CVE-2022-0616
2022-03-21 19:15:10