CVE-2022-4604
Summary
| CVE | CVE-2022-4604 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-12-18 11:15:00 UTC |
| Updated | 2023-11-07 03:58:00 UTC |
| Description | A vulnerability classified as problematic was found in wp-english-wp-admin Plugin up to 1.5.1. Affected by this vulnerability is the function register_endpoints of the file english-wp-admin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. Upgrading to version 1.5.2 is able to address this issue. The name of the patch is ad4ba171c974c65c3456e7c6228f59f40783b33d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216199. |
Risk And Classification
Problem Types: CWE-352
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Wp-english-wp-admin Project | Wp-english-wp-admin | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Release 1.5.3 · khromov/wp-english-wp-admin · GitHub | N/A | github.com | |
| Fix vulnerability · khromov/wp-english-wp-admin@ad4ba17 · GitHub | N/A | github.com | |
| Release 1.5.2 · khromov/wp-english-wp-admin · GitHub | MISC | github.com | |
| CVE-2022-4604 | wp-english-wp-admin Plugin english-wp-admin.php register_endpoints cross-site request forgery | N/A | vuldb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.