VYPR
Medium severity6.5NVD Advisory· Published Jun 8, 2022· Updated Jun 17, 2026

CVE-2022-1422

CVE-2022-1422

Description

The Discy WordPress theme before 5.2 does not check for CSRF tokens in the AJAX action discy_reset_options, allowing an attacker to trick an admin into resetting the site settings back to defaults.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.