4 matches found
CVE-2021-24806
creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:20+00:00| seen| https://t.me/cibsecurity/31993...
CVE-2021-24806
The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make...
CVE-2021-24806
CVE-2021-24806 documents a CSRF vulnerability in the WordPress plugin wpDiscuz, affecting versions before 7.3.4. The flaw is a CSRF check failure for adding, editing, and deleting comments, enabling an attacker to cause logged-in users (including admins or the comment author) to edit/delete arbit...
CVE-2021-24806 wpDiscuz < 7.3.4 - Arbitrary Comment Addition/Edition/Deletion via CSRF
The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make...