mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-27 02:02:23 +02:00
0xMarcio
950 B
950 B
CVE-2022-2224
&color=brightgreen)
Description
The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the function gifeed_duplicate_feed. This make it possible for unauthenticated attackers to duplicate existing posts or pages granted they can trick a site administrator into performing an action such as clicking on a link.
POC
Reference
No PoCs from references.