First published: Mon Apr 18 2022(Updated: )
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Accesspressthemes Access Demo Importer | <=1.0.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-23976 is a Cross-Site Request Forgery (CSRF) vulnerability in Access Demo Importer plugin, version 1.0.7 or earlier, on WordPress.
CVE-2022-23976 can allow an attacker to reset all data, including posts, pages, and media.
CVE-2022-23976 has a severity level of 8.1 (high).
To fix CVE-2022-23976, it is recommended to update Access Demo Importer plugin to version 1.0.8 or later.
You can find more information about CVE-2022-23976 in the reference links: [link1](https://patchstack.com/database/vulnerability/access-demo-importer/wordpress-access-demo-importer-plugin-1-0-7-cross-site-request-forgery-csrf-vulnerability-leading-to-data-reset-posts-pages-media) and [link2](https://wordpress.org/plugins/access-demo-importer/#developers).