CVE-2022-2123

CVE-2022-2123: WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF

Vendor Unknown
Product WP Opt-in
Weakness CWE-352 · CSRF
Published July 11, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The WP Opt-in WordPress plugin through 1.4.1 is vulnerable to CSRF which allows changed plugin settings and can be used for sending spam emails.

Key dates

02Disclosure timeline

July 11, 2022 CVE published
August 3, 2024 Record updated