CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-2276

The WP Edit Menu WordPress plugin before 1.5.0 does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.1%

CVSS Severity

CVSS v3 Score 4.3

References

https://plugins.trac.wordpress.org/changeset?new=2749780%40wp-edit-menu%2Ftrunk&old=2220186%40wp-edit-menu%2Ftrunk
https://wpscan.com/vulnerability/92de9c1b-48dd-4a5f-bbb3-455f8f172b09
https://plugins.trac.wordpress.org/changeset?new=2749780%40wp-edit-menu%2Ftrunk&old=2220186%40wp-edit-menu%2Ftrunk
https://wpscan.com/vulnerability/92de9c1b-48dd-4a5f-bbb3-455f8f172b09

Products affected by CVE-2022-2276

Wp Edit Menu Project » Wp Edit Menu » Version: N/A

cpe:2.3:a:wp_edit_menu_project:wp_edit_menu:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2276

Products

Pricing

Contact Us