CVE-2020-36741
The CVE-2020-36741 entry concerns the WordPress MultiVendorX plugin. Affected: MultiVendorX plugin for WordPress versions up to and including 3.5.7. Root cause: missing or incorrect nonce validation in the submit_comment() function enables Cross-Site Request Forgery (CSRF). Impact: unauthenticate...