mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 18:42:46 +00:00
916 B
916 B
CVE-2021-24725
&color=brightgreen)
Description
The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments
POC
Reference
- https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225