CVE-2022-0445
Description
The WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack
CWE
- CWE-352 — CWE-352 Cross-Site Request Forgery (CSRF)
Affected
- Unknown / WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent — v=2.14.2 <2.14.2 [affected]
CVSS
- (none)
References
Source
cvelistV5-main/cves/2022/0xxx/CVE-2022-0445.json