API Monitor free
arrow right To plugin page
Fixed

WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media)

8.1
CVSS 3.1 score High severity
Monitoring Coming soon

Find out about vulnerable plugins in your websites for free.

Scan your website arrow right
Type
Plugin
Vulnerable versions
<= 1.0.7
Fixed in
1.0.8
PSID
7a04b7265e5a
Classification
Cross Site Request Forgery (CSRF)
OWASP Top 10
A5: Broken Access Control
Publicly disclosed
2022-01-24

Details

Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media) discovered by Ex.Mi (Patchstack) in WordPress Access Demo Importer plugin (versions <= 1.0.7).

Solution

Update the WordPress Access Demo Importer plugin to the latest available version (at least 1.0.8).

References

CVE-2022-23976 Plugin page

Other known vulnerabilities for Access Demo Importer

Submit vulnerabilities and become a verified Alliance member

Learn more

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close