CVE-2022-29435

Description

Cross-Site Request Forgery (CSRF) vulnerability in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress allows an attacker to delete or to turn on/off snippets.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

Affected products

Alexander Stokmann / Code Snippets Extended (WordPress plugin)<= 1.4.7 – 1.4.7

References

MISChttps://wordpress.org/plugins/code-snippets-extended/#developers
MISChttps://patchstack.com/database/vulnerability/code-snippets-extended/wordpress-code-snippets-extended-plugin-1-4-7-cross-site-request-forgery-csrf-vulnerability