CVE-2022-1593 – The Site Offline or Coming Soon WordPress plugin through 1.6.6 does not have CSRF check in …

27 June 2022

Vuln ID: CVE-2022-1593

Published: 2022-06-27 09:15:09Z

Description: The Site Offline or Coming Soon WordPress plugin through 1.6.6 does not have CSRF check in place when updating its settings, and it also lacking sanitisation as well as escaping in some of them. As a result, attackers could make a logged in admin change them and put Cross-Site Scripting payloads in them via a CSRF attack

Source: NVD.NIST.GOV

Date:

27 June 2022

Categorie(s):

NVD

Tag(s):

NVD

AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now20 April 2024
Phishing Scams in the Gaming Community20 April 2024
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks20 April 2024
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack20 April 2024
How APIs Help To Improve Your Customers’ Experience [5 Tips]20 April 2024