Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbDaniel RufWPVDB-ID:B50E7622-C1DC-485B-A5F5-B010B40EEF20
HistoryMay 17, 2022 - 12:00 a.m.

Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF

2022-05-1700:00:00
Daniel Ruf
wpscan.com
6

0.001 Low

EPSS

Percentile

43.4%

JSON

The plugin is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks (due to copyright violations or licensing rules).

PoC

CPENameOperatorVersion
hot-linked-image-cachereq*

Related

cve 1
cvelist 1
nvd 1
wpexploit 1
prion 1
cnvd 1
patchstack 1
cve
cve
CVE-2022-1765
2022-06-13 13:15:12
cvelist
cvelist
CVE-2022-1765 Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF
2022-06-13 12:42:43
nvd
nvd
CVE-2022-1765
2022-06-13 13:15:12
wpexploit
wpexploit
Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF
2022-05-17 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-06-13 13:15:00
cnvd
cnvd
WordPress plugin Hot Linked Image Cacher cross-site request forgery vulnerability
2022-06-15 00:00:00
patchstack
patchstack
WordPress Hot Linked Image Cacher plugin <= 1.16 - Image upload/cache abuse via Cross-Site Request Forgery (CSRF) vulnerability
2022-05-17 00:00:00

0.001 Low

EPSS

Percentile

43.4%

JSON
Related for WPVDB-ID:B50E7622-C1DC-485B-A5F5-B010B40EEF20
cve1cvelist1nvd1wpexploit1prion1cnvd1patchstack1