Vulnerability Details CVE-2022-3850
The Find and Replace All WordPress plugin before 1.3 does not have CSRF check when replacing string, which could allow attackers to make a logged admin replace arbitrary string in database tables via a CSRF attack
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.9%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2022-3850
-
cpe:2.3:a:find_and_replace_all_project:find_and_replace_all:1.3