Security Advisory

CVE-2022-1759

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-13 12:42:36

Last updated 2024-08-03 00:16:59

Assigner WPScan

State PUBLISHED

Description

The RB Internal Links WordPress plugin through 2.0.16 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping

← Browse all CVEs View on cve.org ↗