1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2144 – Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF
https://notcve.org/view.php?id=CVE-2022-2144
27 Jun 2022 — The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack El plugin Jquery Validation For Contact Form 7 de WordPress versiones anteriores a 5.3, no presenta una comprobación de tipo CSRF cuando es actualizada su configuración, lo que podría permitir a atacantes hacer que un administrador conectado cambie la... • https://wpscan.com/vulnerability/419054d4-95e8-4f4a-b864-a98b3e18435a • CWE-352: Cross-Site Request Forgery (CSRF) •