← Back

One Click Plugin Updater

one_click_plugin_updater

Vendor: One Click Plugin Updater Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-1791
1One Click Plugin Updater Project
1One Click Plugin Updater
Jun 17, 2026
Jun 13, 2022
N/A· v4
8.1 HIGH· v3
5.8 MEDIUM· v2
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable /...Show more
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check.Show less