Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-27432

Disclosure Date: March 30, 2022 (last updated October 07, 2023)
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0