WordPress WP CSV to Database Plugin <= 2.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2022-47163
3.1LOW
Key Information:
- Vendor
- Wordpress
- Vendor
- CVE Published:
- 14 March 2023
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, josh401 WP CSV to Database – Insert CSV file content into WordPress plugin <= 2.6 versions.
Affected Version(s)
WP CSV to Database – Insert CSV file content into WordPress database <= 2.6
References
CVSS V3.1
Score:
3.1
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
rezaduty (Patchstack Alliance)