CVE-2022-1842 – The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place wh …

27 June 2022

Vuln ID: CVE-2022-1842

Published: 2022-06-27 09:15:09Z

Description: The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well

Source: NVD.NIST.GOV

Date:

27 June 2022

Categorie(s):

NVD

Tag(s):

NVD

Security Leaders Braced for Daily AI-Driven Attacks by Year-End24 April 2024
Comcast Business MDR limits the impact of cyber threats24 April 2024
Global attacker median dwell time continues to fall24 April 2024
Popular Keyboard Apps Leak User Data: Billion Potentially Exposed24 April 2024
Logpoint’s latest release: Gain control over your security operations24 April 2024