Traffic Manager by SedLex

Traffic Manager by SedLex <= 1.4.5 - CSRF

LANACOMMONVDB ID: cb5c9d37-1801-49f8-9c91-285d777c07db

The plugin does not have proper Cross-Site Request Forgery (CSRF) check in some places, which could allow attackers to make logged in admins perform unwanted actions via Cross-Site Request Forgery (CSRF) attacks.

References

Source Code: https://wordpress.org/plugins/traffic-manager/

CVE: CVE-2022-41695

Attributes

Catgory: WordPress Plugin

Discovered: 2022-09-13

Published: 2022-10-24

Affected Version: <= 1.4.5

Classification

Type: Cross-Site Request Forgery (CSRF)

Researcher

Name: István Márton

Email: [email protected]