CVE-2022-1843

CVE-2022-1843: MailPress <= 7.2.1 - Arbitrary Settings Update & Log Files Purge via CSRF

Vendor Unknown
Product MailPress
Weakness CWE-352 · CSRF
Published June 27, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks

Key dates

02Disclosure timeline

June 27, 2022 CVE published
August 3, 2024 Record updated