1 results (0.003 seconds)
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1759 – RB Internal Links <= 2.0.16 - Stored Cross-Site Scripting via CSRF
https://notcve.org/view.php?id=CVE-2022-1759
23 May 2022 — The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping El plugin RB Internal Links de WordPress versiones hasta 2.0.16, no presenta comprobación de tipo CSRF cuando es actualizada su configuración, lo que podría permitir a atacantes hacer que un administrador conect... • https://wpscan.com/vulnerability/d8e63f78-f38a-4f68-96ba-8059d175cea8 • CWE-352: Cross-Site Request Forgery (CSRF) •