cve/CVE-2022-1895.md at c052d0d6949679697108fa931a00cd4220694869

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-31 10:40:54 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The underConstruction WordPress plugin before 1.20 does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action via a CSRF attack

POC

Reference

https://wpscan.com/vulnerability/bd9ef7e0-ebbb-4b91-8c58-265218a3c536

Github

https://github.com/ARPSyndicate/cvemon

787 B Raw Blame History

CVE-2022-1895

Description

POC

Reference

Github

787 B

Raw Blame History