Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2022-06-13T12:42:40
Updated: 2024-08-03T00:16:59.872Z
Reserved: 2022-05-17T00:00:00
Link: CVE-2022-1763
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-06-13T13:15:12.267
Modified: 2024-11-21T06:41:24.910
Link: CVE-2022-1763
Redhat
No data.