Vulnerabilities

CVE-2022-1791

by Fred · 13/06/2022

The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check.

Date published : 2022-06-13

https://wpscan.com/vulnerability/5c185269-cb3a-4463-8d73-b190813d4431

Similar

Tags: Cybersecurity Alert