Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-06-13T12:42:40

Updated: 2024-08-03T00:16:59.872Z

Reserved: 2022-05-17T00:00:00

Link: CVE-2022-1763

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-06-13T13:15:12.267

Modified: 2024-11-21T06:41:24.910

Link: CVE-2022-1763

cve-icon Redhat

No data.