CVE-2022-1572 – The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in …

27 June 2022

Vuln ID: CVE-2022-1572

Published: 2022-06-27 09:15:09Z

Description: The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file

Source: NVD.NIST.GOV

Date:

27 June 2022

Categorie(s):

NVD

Tag(s):

NVD

Hackers make millions of attempts to exploit WordPress plugin vulnerability26 April 2024
Cybersecurity provider Darktrace to be acquired by Thoma Bravo for $5.3B26 April 2024
BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 202326 April 2024
Kaiser Permanente shared 13.4M people’s data with Microsoft Bing, Google, others26 April 2024
Discover How DeepL Write Pro Enhances Accuracy and Security26 April 2024