CVE-2019-9048
CVE-2019-9048 affects Pluck CMS (reported for version 4.7.9-dev1). The vulnerability is a Cross-Site Request Forgery (CSRF) that allows an attacker to delete a theme (topic) via /admin.php?action=theme_delete&var1=. The description confirms the underlying flaw is CSRF; no additional exploitation ...