Medium severity6.5NVD Advisory· Published Jul 11, 2022· Updated Jun 17, 2026
CVE-2022-1599
CVE-2022-1599
Description
The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2.4.5+ 1 more
- (no CPE)range: <2.4.5
- (no CPE)range: 2.4.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/4a36e876-7e3b-4a81-9f16-9ff5fbb20dd6nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.