mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
890 B
890 B
CVE-2022-3489
&color=brighgreen)
Description
The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the custom_wpadmin_slug settings, allowing unauthenticated attackers to update it with a crafted request
POC
Reference
Github
No PoCs found on GitHub currently.