High severity8.1NVD Advisory· Published Jun 27, 2022· Updated Jun 17, 2026
CVE-2022-1572
CVE-2022-1572
Description
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/HTML2WPdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/9afd1805-d449-4551-986a-f92cb47c95c5nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.