Vulnerabilities > CVE-2022-3850 - Unspecified vulnerability in Find and Replace ALL Project Find and Replace ALL

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
find-and-replace-all-project

Summary

The Find and Replace All WordPress plugin before 1.3 does not have CSRF check when replacing string, which could allow attackers to make a logged admin replace arbitrary string in database tables via a CSRF attack

Vulnerable Configurations

Part Description Count
Application
Find_And_Replace_All_Project
1