CVE-2021-24725

Sažetak

The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments

Reference

https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

23-09-2021 - 15:22

Objavljeno

13-09-2021 - 18:15