WordPress WP CSV to Database Plugin <= 2.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2022-47163

3.1LOW

Key Information:

Vendor: Wordpress
Status: WP Csv To Database – Insert Csv File Content Into WordPress Database
Vendor: CVE Published:; 14 March 2023

What is CVE-2022-47163?

Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin <= 2.6 versions.

Affected Version(s)

WP CSV to Database – Insert CSV file content into WordPress database <= 2.6

References

https://patchstack.com/database/vulnerability/wp-csv-to-d...

vdb-entry

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2023
Vulnerability Reserved
Dec 12, 2022

Credit

rezaduty (Patchstack Alliance)

Wordpress

What is CVE-2022-47163?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit