CVE-2018-1000506
The issue affects the WordPress plugin Metronet Tag Manager, version 1.2.7. It contains a Cross-Site Request Forgery (CSRF) vulnerability on the Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can allow a logged-in attacker to perform administrator actions. The vulnerab...