CVE-2022-40132Cross-Site Request Forgery in Seriously Simple Podcasting

CWE-352Cross-Site Request Forgery3 documents3 sources
Severity
4.3MEDIUMNVD
CNA5.4
EPSS
0.1%
top 70.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Castos Seriously Simple Podcasting
Timeline
PublishedSep 23
Latest updateSep 25

Description

Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-3229-cmr6-cvgv: Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 22022-09-25
CVEList
WordPress Seriously Simple Podcasting plugin <= 2.16.0 - Cross-Site Request Forgery (CSRF) vulnerability2022-09-23
CVE-2022-40132 — Cross-Site Request Forgery | cvebase