CVE-2022-4604
CVSS V2 None
CVSS V3 None
Description
A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.5.2 is able to address this issue. The name of the patch is ad4ba171c974c65c3456e7c6228f59f40783b33d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216199.
Overview
- CVE ID
- CVE-2022-4604
- Assigner
- cna@vuldb.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-18T11:15:11
- Last Modified Date
- 2023-01-06T13:55:45
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:wp-english-wp-admin_project:wp-english-wp-admin:*:*:*:*:*:wordpress:*:* | 1 | OR | 1.5.3 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-4604 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4604 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-12-19 16:16:16 | Added to TrackCVE | |||
| 2022-12-21 07:03:08 | 2022-12-18T11:15:11.170 | 2022-12-18T11:15:11 | CVE Published Date | updated |
| 2022-12-21 07:03:08 | 2022-12-19T02:27:34 | CVE Modified Date | updated | |
| 2022-12-21 07:03:08 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2022-12-22 19:15:42 | 2022-12-22T18:33:40 | CVE Modified Date | updated | |
| 2022-12-22 19:15:42 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2022-12-22 19:15:44 | CPE Information | updated | ||
| 2022-12-24 22:15:42 | 2022-12-24T22:15:10 | CVE Modified Date | updated | |
| 2022-12-24 22:15:42 | Analyzed | Modified | Vulnerability Status | updated |
| 2022-12-24 22:15:44 | A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.2. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.5.3 is able to address this issue. The name of the patch is ad4ba171c974c65c3456e7c6228f59f40783b33d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216199. | A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.5.2 is able to address this issue. The name of the patch is ad4ba171c974c65c3456e7c6228f59f40783b33d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216199. | Description | updated |
| 2022-12-24 22:15:50 | CVSS V3 information | new | ||
| 2022-12-28 12:14:43 | Modified | Undergoing Analysis | Vulnerability Status | updated |
| 2022-12-28 12:14:44 | CVSS V3 information | new | ||
| 2023-01-06 14:16:50 | 2023-01-06T13:55:45 | CVE Modified Date | updated | |
| 2023-01-06 14:16:50 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-01-06 14:16:53 | CVSS V3 information | new |