CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-2144

The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.1%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.3

References

https://wpscan.com/vulnerability/419054d4-95e8-4f4a-b864-a98b3e18435a
https://wpscan.com/vulnerability/419054d4-95e8-4f4a-b864-a98b3e18435a

Products affected by CVE-2022-2144

Jquery Validation For Contact Form 7 Project » Jquery Validation For Contact Form 7 » Version: Any

cpe:2.3:a:jquery_validation_for_contact_form_7_project:jquery_validation_for_contact_form_7:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2144

Products

Pricing

Contact Us