Lucene search
WpvulndbWPVDB-ID:C1B448E0-430A-4F47-ADED-77AF8D291232HistoryAug 02, 2022 - 12:00 a.m.
MaxButtons < 9.3 - Arbitrary Settings Update via CSRF
2022-08-0200:00:00
wpscan.com
9
0.001 Low
EPSS
Percentile
41.8%
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
| CPE | Name | Operator | Version |
|---|---|---|---|
| maxbuttons | lt | 9.3 |
Related
cvelist
cvelist
nvd
nvd
CVE-2022-36346
2022-08-22 15:15:16
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-08-22 15:15:00
cve
cve
CVE-2022-36346
2022-08-22 15:15:16
openvas
openvas
WordPress MaxButtons Plugin < 9.3 Multiple Vulnerabilities
2023-10-05 00:00:00