A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages.
References
Link | Resource |
---|---|
https://medium.com/%40devansh3008/pluck-cms-v4-7-15-csrf-vulnerability-at-delete-page-9fff0309f9c | |
https://owasp.org/www-community/attacks/csrf | Third Party Advisory |
Configurations
History
07 Nov 2023, 03:45
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2022-04-13 00:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-26589
Mitre link : CVE-2022-26589
CVE.ORG link : CVE-2022-26589
JSON object : View
Products Affected
pluck-cms
- pluck
CWE
CWE-352
Cross-Site Request Forgery (CSRF)