1 results (0.002 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1
CVE-2024-3163 – Easy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRF
https://notcve.org/view.php?id=CVE-2024-3163
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack • https://wpscan.com/vulnerability/f89c8654-5486-4939-880d-101f33d359c0 • CWE-352: Cross-Site Request Forgery (CSRF) •