The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/31b413e1-d4b5-463e-9910-37876881c062 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:42
Type | Values Removed | Values Added |
---|---|---|
Summary | The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. |
21 Jun 2022, 18:25
Type | Values Removed | Values Added |
---|---|---|
First Time |
Peter\'s Collaboration E-mails Project
Peter\'s Collaboration E-mails Project peter\'s Collaboration E-mails |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
CPE | cpe:2.3:a:peter\'s_collaboration_e-mails_project:peter\'s_collaboration_e-mails:*:*:*:*:*:wordpress:*:* | |
References | (MISC) https://wpscan.com/vulnerability/31b413e1-d4b5-463e-9910-37876881c062 - Exploit, Third Party Advisory |
13 Jun 2022, 13:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-13 13:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-1761
Mitre link : CVE-2022-1761
CVE.ORG link : CVE-2022-1761
JSON object : View
Products Affected
peter\'s_collaboration_e-mails_project
- peter\'s_collaboration_e-mails
CWE
CWE-352
Cross-Site Request Forgery (CSRF)