CVE-2022-3208

CVE-2022-3208: Simple File List < 4.4.13 - Page Creation via CSRF

Vendor Unknown
Product Simple File List
Weakness CWE-352 · CSRF
Published October 10, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Simple File List WordPress plugin before 4.4.12 does not implement nonce checks, which could allow attackers to make a logged in admin create new page and change it's content via a CSRF attack.

Key dates

02Disclosure timeline

October 10, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE