PT-2023-14156 · WordPress · Ali Irani Auto Upload Images

Rasi

+1

·

Published

2023-06-13

·

Updated

2023-06-20

·

CVE-2022-42880

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Ali Irani Auto Upload Images plugin versions <= 3.3
Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that also allows Stored Cross-Site Scripting (XSS).
Recommendations For Ali Irani Auto Upload Images plugin versions <= 3.3, update to a version higher than 3.3 to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2022-42880

Affected Products

Ali Irani Auto Upload Images