CSRF Vulnerability in Peter's Collaboration E-mails WordPress Plugin
CVE-2022-1761 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.
Learn more about our Wordpress Pen Testing.