What the vulnerability does
01Description
The Cross-Linker WordPress plugin through 3.0.1.9 does not have CSRF check in place when creating Cross-Links, which could allow attackers to make a logged in admin perform such action via a CSRF attack
CVE-2022-1826
CVE-2022-1826: Cross-Linker <= 3.0.1.9 - Arbitrary Cross-Link Creation via CSRF
CVSS base score
—
Key dates
02Disclosure timeline
June 20, 2022
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-22675 WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-55147
CVE-2024-32795 WordPress WPCal.io <= 0.9.5.8 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-32452 WordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-34806 WordPress Clearfy Cache plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerability
