CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-1594

The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.0%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.3

References

https://wpscan.com/vulnerability/bb0efc5e-044b-47dc-9101-9aae40cdbaa5
https://wpscan.com/vulnerability/bb0efc5e-044b-47dc-9101-9aae40cdbaa5

Products affected by CVE-2022-1594

Hc Custom Wp-Admin Url Project » Hc Custom Wp-Admin Url » Version: N/A

cpe:2.3:a:hc_custom_wp-admin_url_project:hc_custom_wp-admin_url:-
Hc Custom Wp-Admin Url Project » Hc Custom Wp-Admin Url » Version: 1.4

cpe:2.3:a:hc_custom_wp-admin_url_project:hc_custom_wp-admin_url:1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1594

Products

Pricing

Contact Us