CVE-2021-25072
CVE-2021-25072 affects the WordPress plugin NextScripts: Social Networks Auto-Poster (versions before 4.3.25). The issue is a missing CSRF check when deleting items, allowing an attacker to induce a logged-in admin to delete arbitrary posts via a CSRF attack. Public references describe the vulner...