CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38139 – WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
https://notcve.org/view.php?id=CVE-2022-38139
11 Sep 2022 — Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.2.0 at WordPress. Múltiples vulnerabilidades de falsificación de solicitud de sitio cruzado (CSRF) en el plugin RD Station versiones anteriores o iguales a 5.2.0 en WordPress. The RD Station plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.2.0. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to... • https://patchstack.com/database/vulnerability/integracao-rd-station/wordpress-rd-station-plugin-5-1-3-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •