Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-0707

Disclosure Date: April 18, 2022 (last updated February 08, 2025)
The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when inserting payment notes, which could allow attackers to make a logged admin insert arbitrary notes via a CSRF attack
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0