CVE-2022-1761 — MEDIUM (6.5)

Q: How severe is CVE-2022-1761?

CVE-2022-1761 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-1761?

Check the references section above for vendor advisories and patch information. Affected products include: Peter\'S Collaboration E-Mails Project Peter\'S Collaboration E-Mails.

Vulnerability Description

The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Peter\'S Collaboration E-Mails Project	Peter\'S Collaboration E-Mails	<= 2.2.0

Related Weaknesses (CWE)

CWE-352

References

https://wpscan.com/vulnerability/31b413e1-d4b5-463e-9910-37876881c062ExploitThird Party Advisory
https://wpscan.com/vulnerability/31b413e1-d4b5-463e-9910-37876881c062ExploitThird Party Advisory

FAQ

What is CVE-2022-1761?

CVE-2022-1761 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user...

How severe is CVE-2022-1761?

CVE-2022-1761 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-1761?

Check the references section above for vendor advisories and patch information. Affected products include: Peter\'S Collaboration E-Mails Project Peter\'S Collaboration E-Mails.