Headline
CVE-2022-29489: WordPress Sucuri Security plugin <= 1.8.33 - Cross-Site Request Forgery (CSRF) vulnerability - Patchstack
Cross-Site Request Forgery (CSRF) vulnerability in Sucuri Security plugin <= 1.8.33 at WordPress leading to Event log entry creation.
Verified
Fixed
2.3
CVSS 3.1 score Low severity
Monitoring Coming soon
PSID
38e16a5d6ccd
Classification
Cross Site Request Forgery (CSRF)
OWASP Top 10
A5: Broken Access Control
Publicly disclosed
2022-09-14
Details
Cross-Site Request Forgery (CSRF) vulnerability leading to Event log entry creation discovered by Rafie Muhammad (Yeraisci) in WordPress Sucuri Security plugin (versions <= 1.8.33).
Solution
Update the WordPress Sucuri Security plugin to the latest available version (at least 1.8.34).
References