Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:FD38B94C-CDE8-448F-9D7B-F8272E5A8BA0
HistoryJan 24, 2022 - 12:00 a.m.

Access Demo Importer < 1.0.8 - Data Reset via CSRF

2022-01-2400:00:00
wpscan.com
12
plugin
csrf
attacker
admin
data reset
security

EPSS

0.001

Percentile

21.6%

JSON

The plugin does not have CSRF check in place which could allow an attacker to make a logged in admin reset the data of post/page/media

Related

patchstack 1
prion 1
cve 1
nvd 1
cvelist 1
patchstack
patchstack
WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)
2022-01-24 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-04-18 17:15:00
cve
cve
CVE-2022-23976
2022-04-18 17:15:16
nvd
nvd
CVE-2022-23976
2022-04-18 17:15:16
cvelist
cvelist
CVE-2022-23976 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)
2022-04-18 16:20:30

EPSS

0.001

Percentile

21.6%

JSON
Related for WPVDB-ID:FD38B94C-CDE8-448F-9D7B-F8272E5A8BA0
patchstack1prion1cve1nvd1cvelist1