Vulnerability Details : CVE-2022-1758


CVE Name: CVE-2022-1758: Other vulnerability on Genki Pre Publish Reminder Project Genki Pre Publish Reminder
Description: The Genki Pre-Publish Reminder WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings.
Publish date: 2022-06-13T13:15Z
Last Update: 2022-06-22T19:45Z

CVSS Scores & Vulnerability Types


CVSS Score
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH
Actack VectorNETWORK
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
ScopeUNCHANGED
Vulnerability Type(s)Other
CWE ID352

Products Affected By CVE-2022-1758


# Vendor Product Vulnerable Versions
1 Genki Pre Publish Reminder Project Genki Pre Publish Reminder 1

Detail of Verions Affected


# Product Type Vendor Product Version
1 Application Genki Pre Publish Reminder Project Genki Pre Publish Reminder * Wordpress

References For CVE-2022-1758


Hyperlink Resource
https://wpscan.com/vulnerability/211816ce-d2bc-469b-9a8e-e0c2a5c4461b Exploit, Third Party Advisory