CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-1844

The WP Sentry WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.6%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.3

References

https://wpscan.com/vulnerability/f0b0baac-7f44-44e1-af73-5a72b967858d
https://wpscan.com/vulnerability/f0b0baac-7f44-44e1-af73-5a72b967858d

Products affected by CVE-2022-1844

Wp-Sentry Project » Wp-Sentry » Version: Any

cpe:2.3:a:wp-sentry_project:wp-sentry:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1844

Products

Pricing

Contact Us