Vulnerabilities > CVE-2022-1843 - Unspecified vulnerability in Mailpress Project Mailpress

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

mailpress-project

NVD

Published: 2022-06-27

Updated: 2024-11-21

Summary

The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks

Vulnerable Configurations

Part	Description	Count
Application	Mailpress_Project Mailpress Project Mailpress *	1

References

https://wpscan.com/vulnerability/aa59f811-2375-4593-93d4-f587f9870ed1
https://wpscan.com/vulnerability/aa59f811-2375-4593-93d4-f587f9870ed1