Medium severity6.5NVD Advisory· Published Jun 13, 2022· Updated Jun 17, 2026
CVE-2022-1605
CVE-2022-1605
Description
The Email Users WordPress plugin through 4.8.8 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and change the notification settings of arbitrary users
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Email Users/Email Usersdescription
- Range: <=4.8.8
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/a1b69615-690a-423b-afdf-729dcd32bc2fnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.