Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-3850

Disclosure Date: November 28, 2022 (last updated October 08, 2023)
The Find and Replace All WordPress plugin before 1.3 does not have CSRF check when replacing string, which could allow attackers to make a logged admin replace arbitrary string in database tables via a CSRF attack
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0