Medium severity5.4NVD Advisory· Published Jun 13, 2022· Updated Jun 17, 2026
CVE-2022-1780
CVE-2022-1780
Description
The LaTeX for WordPress plugin through 3.4.10 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=3.4.10
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/dd22ea1e-49a9-4b06-8dd9-bb224110f98anvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.