Vulnerability Details CVE-2022-1779
The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and delete specific posts, categories and attachments at once.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.9%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.8
References
Products affected by CVE-2022-1779
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:-
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:0.7
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:0.7.1
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:1.0
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:1.0.1
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:1.2
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:1.2.1
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:1.2.2
-
cpe:2.3:a:auto_delete_posts_project:auto_delete_posts:1.3.0