Low severity3.1NVD Advisory· Published Jul 20, 2022· Updated Jun 17, 2026
CVE-2022-29454
CVE-2022-29454
Description
Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.9.9.148
- WordPlus/Better Messages (WordPress plugin)v5Range: <= 1.9.9.148
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/bp-better-messages/wordpress-better-messages-plugin-1-9-9-148-cross-site-request-forgery-csrf-vulnerabilitynvdPatchThird Party Advisory
- wordpress.org/plugins/bp-better-messages/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.