Medium severity6.5NVD Advisory· Published Jun 8, 2022· Updated Jun 17, 2026
CVE-2022-1422
CVE-2022-1422
Description
The Discy WordPress theme before 5.2 does not check for CSRF tokens in the AJAX action discy_reset_options, allowing an attacker to trick an admin into resetting the site settings back to defaults.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Discydescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/29aff4bf-1691-4dc1-a670-1f2c9a765a3bnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.