CVE-2022-3126

The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf
Configurations

Configuration 1 (hide)

cpe:2.3:a:najeebmedia:frontend_file_manager_plugin:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 07:18

Type Values Removed Values Added
References () https://wpscan.com/vulnerability/7db363bf-7bef-4d47-9963-c30d6fdd2fb8 - Exploit, Third Party Advisory () https://wpscan.com/vulnerability/7db363bf-7bef-4d47-9963-c30d6fdd2fb8 - Exploit, Third Party Advisory

Information

Published : 2022-10-17 12:15

Updated : 2024-11-21 07:18


NVD link : CVE-2022-3126

Mitre link : CVE-2022-3126

CVE.ORG link : CVE-2022-3126


JSON object : View

Products Affected

najeebmedia

  • frontend_file_manager_plugin
CWE
CWE-352

Cross-Site Request Forgery (CSRF)