Security Advisory

CVE-2021-25098

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-07 08:16:20

Last updated 2024-08-03 19:56:10

Assigner WPScan

State PUBLISHED

Description

The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash

← Browse all CVEs View on cve.org ↗