Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2022-26589

Description

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages.

POC

Reference

- https://medium.com/%40devansh3008/pluck-cms-v4-7-15-csrf-vulnerability-at-delete-page-9fff0309f9c

- https://medium.com/@devansh3008/pluck-cms-v4-7-15-csrf-vulnerability-at-delete-page-9fff0309f9c

- https://owasp.org/www-community/attacks/csrf

Github

No PoCs found on GitHub currently.