What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in Elise Bosse Frontpage Manager.This issue affects Frontpage Manager: from n/a through 1.3.
CVE-2024-22285
MEDIUM
CVE-2024-22285: WordPress Frontpage Manager Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Key dates
02Disclosure timeline
January 31, 2024
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-22695 WordPress Custom Field Template Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2025-23690 WordPress Book a Place plugin <= 0.7.1 - CSRF to Stored XSS vulnerability
CVE-2022-36292 WordPress Gallery PhotoBlocks plugin <= 1.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities
CVE-2026-29784 Ghost: Incomplete CSRF protections around OTC use
CVE-2020-6776 CSRF in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface
