Vulnerability Details CVE-2022-29412
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allow attackers to delete cache, delete a source, create source.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 30.1%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 5.8
References
- https://patchstack.com/database/vulnerability/hermit/wordpress-hermit-plugin-3-1-6-multiple-cross-site-request-forgery-csrf-vulnerabilities
- https://wordpress.org/plugins/hermit/
- https://patchstack.com/database/vulnerability/hermit/wordpress-hermit-plugin-3-1-6-multiple-cross-site-request-forgery-csrf-vulnerabilities
- https://wordpress.org/plugins/hermit/
Products affected by CVE-2022-29412
-
cpe:2.3:a:hermit_project:hermit:-
-
cpe:2.3:a:hermit_project:hermit:3.1.6