WordPress Esselink.nu Settings Plugin Cross-Site Request Forgery Vulnerability
Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Esselink.nu Settings WordPress plugin, affecting versions through 2.94. This vulnerability allows for Reflected Cross-Site Scripting (XSS).
Impact
Exploitation of this vulnerability could enable a malicious actor to trick users with higher privileges into performing actions they did not intend to, potentially leading to unauthorized changes or disclosures.
Added: Jun 20, 2025, 3:30 PM
Updated: Jun 20, 2025, 3:30 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
1.7exploitability
6.4remediation
0.0relevance
0.2threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.