exploitDog

GHSA-v2v6-4445-2f8x

Опубликовано: 02 фев. 2022

Источник: github

Github: Не прошло ревью

Описание

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack

Ссылки

EPSS

Процентиль: 29%

0.00103

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2021-25072

CVSS3: 6.5

nvd

около 4 лет назад

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack

EPSS

Процентиль: 29%

0.00103

Низкий

CVE ID

Дефекты

CWE-352