Lucene search
WPScanCVELIST:CVE-2021-24989HistoryJan 24, 2022 - 8:01 a.m.
CVE-2021-24989 Accept Donations with PayPal < 1.3.4 - Arbitrary Post Deletion via CSRF
2022-01-2408:01:05
CWE-352
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
26.5%
The Accept Donations with PayPal WordPress plugin before 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing attackers to make a logged in admin delete arbitrary posts from the blog
CNA Affected
[
{
"product": "Accept Donations with PayPal",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.4",
"status": "affected",
"version": "1.3.4",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2021-24989
2022-01-24 08:15:09
prion
prion
Cross site request forgery (csrf)
2022-01-24 08:15:00
wpexploit
wpexploit
Accept Donations with PayPal < 1.3.4 - Arbitrary Post Deletion via CSRF
2021-12-09 00:00:00
wpvulndb
wpvulndb
Accept Donations with PayPal < 1.3.4 - Arbitrary Post Deletion via CSRF
2021-12-09 00:00:00
nvd
nvd
CVE-2021-24989
2022-01-24 08:15:09
cnvd
cnvd