What the vulnerability does
01Description
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
CVE-2022-46367
MEDIUM
CVE-2022-46367: Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation
CVSS base score
6.8/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
January 12, 2023
CVE published
April 8, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-57918 WordPress LinkedInclude Plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2023-46067 WordPress Rocket Font Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-39917 WordPress Photo Gallery by Ays Plugin <= 5.2.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2022-41990 WordPress 3D Tag Cloud Plugin <= 3.8 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2026-8425 Notify Odoo <= 1.0.1 - Cross-Site Request Forgery to Settings Update
