Unrated severityNVD Advisory· Published Mar 29, 2022· Updated Aug 3, 2024
CVE-2022-27432
CVE-2022-27432
Description
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Pluck CMS/Pluck CMSdescription
Patches
Vulnerability mechanics
References
2- owasp.org/www-community/attacks/csrfmitrex_refsource_MISC
- www.exploit-db.com/exploits/50831mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.