Security Advisory

CVE-2020-36505

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-01 08:45:57

Last updated 2024-08-04 17:30:08

Assigner WPScan

State PUBLISHED

Description

The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog.

← Browse all CVEs View on cve.org ↗