CVE-2022-23976: CSRF
First published: Mon Apr 18 2022(Updated: )
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Accesspressthemes Access Demo Importer | <=1.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-23976?
CVE-2022-23976 is a Cross-Site Request Forgery (CSRF) vulnerability in Access Demo Importer plugin, version 1.0.7 or earlier, on WordPress.
How does CVE-2022-23976 impact WordPress sites?
CVE-2022-23976 can allow an attacker to reset all data, including posts, pages, and media.
What is the severity level of CVE-2022-23976?
CVE-2022-23976 has a severity level of 8.1 (high).
How can I fix CVE-2022-23976?
To fix CVE-2022-23976, it is recommended to update Access Demo Importer plugin to version 1.0.8 or later.
Where can I find more information about CVE-2022-23976?
You can find more information about CVE-2022-23976 in the reference links: [link1](https://patchstack.com/database/vulnerability/access-demo-importer/wordpress-access-demo-importer-plugin-1-0-7-cross-site-request-forgery-csrf-vulnerability-leading-to-data-reset-posts-pages-media) and [link2](https://wordpress.org/plugins/access-demo-importer/#developers).
- collector/nvd-index
- vendor/accesspressthemes
- canonical/accesspressthemes access demo importer
- version/accesspressthemes access demo importer/1.0.7