VYPR
Unrated severityNVD Advisory· Published Mar 29, 2022· Updated Aug 3, 2024

CVE-2022-27432

CVE-2022-27432

Description

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Pluck CMS/Pluck CMSdescription
  • Pluck/Pluckllm-fuzzy
    Range: =4.7.15

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.