cvedb.io
CVE-2022-1788
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-06-13T13:15:12.837 · Last modified 2026-06-17T04:23:06.830

Summary

Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this.

Affected products

change_uploaded_file_permissions_project — change_uploaded_file_permissions

Does this affect you?

Add your gear to cvedb and we'll alert you only when change_uploaded_file_permissions_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.