User

Welcome to WordPress Community Forum. Please login or sign up.

Nov 25, 2024, 10:33 AM

Login with username, password and session length

Shoutbox

Recent

Stats

Members
Stats
  • Total Posts: 55
  • Total Topics: 45
  • Online today: 5
  • Online ever: 136 (Apr 17, 2022, 11:37 PM)
Users Online
  • Users: 0
  • Guests: 36
  • Total: 36

Online

36 Guests, 0 Users

WordPress Copify plugin <= 1.3.0 - Cross-Site Request Forgery vulnerability

Started by Kailash, Jun 10, 2022, 05:27 AM

Previous topic - Next topic

WordPress Premium Themes


Print
Go Down Pages1
User actions

Kailash

Jun 10, 2022, 05:27 AM
WordPress Copify plugin <= 1.3.0 - Cross-Site Request Forgery (CSRF) vulnerability to Cross-Site Scripting (XSS)

Plugin name: WordPress Copify plugin
Vulnerable versions: <= 1.3.0
Fixed in:  N/A
CVE ID: CVE-2022-1900
Classification: Cross Site Scripting (XSS)
Publicly disclosed: 2022-06-08

Vulnerability Details

Cross-Site Request Forgery (CSRF) vulnerability to Cross-Site Scripting (XSS) was discovered by Yuki Hoshi (Cryptography Laboratory in Tokyo Denki University) in the WordPress Copify plugin (versions <= 1.3.0)

Solution

Deactivate and delete. This plugin has been closed as of May 27, 2022 and is not available for download. This closure is temporary, pending a full review.

Plugin Link: Temporary closed for download or not available

WordPress Premium Themes


Print
Go Up Pages1
User actions