1 results (0.001 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

CVE-2021-24725 – Comment Link Remove and Other Comment Tools < 2.1.6 - Arbitrary Comment Deletion via CSRF

https://notcve.org/view.php?id=CVE-2021-24725

The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments El plugin Comment Link Remove and Other Comment Tools de WordPress versiones anteriores a 2.1.6, no presenta una comprobación de tipo CSRF en su acción "Delete comments easily", lo que podría permitir a atacantes hacer que el administrador conectado elimine comentarios arbitrarios • https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225 • CWE-352: Cross-Site Request Forgery (CSRF) •