CVE-2022-2381 – The E Unlocked – Student Result WordPress plugin through 1.0.4 is lacking CSRF and validat …

15 August 2022

Vuln ID: CVE-2022-2381

Published: 2022-08-15 11:21:23Z

Description: The E Unlocked – Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack

Source: NVD.NIST.GOV

Date:

15 August 2022

Categorie(s):

NVD

Tag(s):

NVD

7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike27 April 2024
AI Helps Improve About Managed Detection and Response26 April 2024
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland – SWN #38126 April 2024
Impact of organizational structure on ransomware outcomes: Where does your org fit in?26 April 2024
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets26 April 2024