PT-2022-22953 · WordPress · Oceanwp Sticky Header Plugin
Rasi
+1
·
Published
2022-12-04
·
Updated
2022-12-06
·
CVE-2022-35730
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Oceanwp sticky header plugin version 1.0.8 and earlier
Description
A Cross-Site Request Forgery (CSRF) issue affects the Oceanwp sticky header plugin on WordPress. This issue allows for malicious requests to be made on behalf of the user without their knowledge or consent.
Recommendations
For Oceanwp sticky header plugin version 1.0.8 and earlier, update to a version later than 1.0.8 to resolve the issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oceanwp Sticky Header Plugin