CVE-2022-1630 - CERT CVE
ID CVE-2022-1630
Sažetak The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack
Reference
CVSS
Base: 4.3
Impact: 2.9
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 28-06-2022 - 17:43
Objavljeno 20-06-2022 - 11:15