CVE-2019-14679: CSRF
First published: Thu Aug 08 2019(Updated: )
core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arplite_import_export CSRF.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Reputeinfosystems Arprice Lite | =2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-14679?
The severity of CVE-2019-14679 is medium, with a severity value of 6.5.
What is the affected software of CVE-2019-14679?
The affected software of CVE-2019-14679 is ARPrice Lite plugin version 2.2 for WordPress.
What is the vulnerability in CVE-2019-14679?
The vulnerability in CVE-2019-14679 is cross-site request forgery (CSRF) in the core/views/arprice_import_export.php file of the ARPrice Lite plugin 2.2 for WordPress.
How can I fix CVE-2019-14679?
To fix CVE-2019-14679, update to the latest version of the ARPrice Lite plugin for WordPress.
Where can I find more information about CVE-2019-14679?
You can find more information about CVE-2019-14679 at the following links: [WordPress Plugin Directory](https://wordpress.org/plugins/arprice-responsive-pricing-table/#developers) and [Plugin Vulnerabilities](https://www.pluginvulnerabilities.com/2019/07/11/cross-site-request-forgery-csrf-vulnerability-in-arprice-lite/).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/reputeinfosystems
- canonical/reputeinfosystems arprice lite
- version/reputeinfosystems arprice lite/2.2