High severity8.8NVD Advisory· Published Aug 15, 2022· Updated Jun 17, 2026
CVE-2022-2381
CVE-2022-2381
Description
The E Unlocked - Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/E Unlocked - Student Resultdescription
- Range: <=1.0.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/c39c41bf-f622-4239-a0a1-4dfe0e079f7fnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.