CVE-2022-1846 Information

Description

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings which could allow attackers to make a logged in admin change them via a CSRF attack

Reference

https://wpscan.com/vulnerability/5fa5838e-4843-4d9c-9884-e3ebbf56fc6a