CSRF Vulnerability in Peter's Collaboration E-mails WordPress Plugin

CSRF Vulnerability in Peter's Collaboration E-mails WordPress Plugin

CVE-2022-1761 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.

Learn more about our Wordpress Pen Testing.