CVE-2022-29429

HIGH

Code Snippets Extended <= 1.4.7 - Cross-Site Request Forgery Leading to Remote Code Execution

Title source: llm
STIX 2.1

Description

Remote Code Execution (RCE) in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery.

Scores

CVSS v3 8.8
EPSS 0.0089
EPSS Percentile 55.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-352
Status published
Products (2)
Alexander Stokmann/Code Snippets Extended (WordPress plugin) <= 1.4.7 - 1.4.7
code_snippets_extended_project/code_snippets_extended < 1.4.7
Published May 17, 2022
Tracked Since Feb 18, 2026