CVE-2022-4386

The Intuitive Custom Post Order WordPress plugin through 3.1.3 lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to change the menu order via a CSRF attack
Configurations

Configuration 1

No configuration.

Information

Published : 2023-02-21 09:15

Updated : 2023-02-24 01:15


NVD link : CVE-2022-4386

Mitre link : CVE-2022-4386

Products Affected
No products.
CWE