CVE-2021-4420
The CVE-2021-4420 entry concerns the WordPress Sell Media plugin. Affected component: sell_media_process() in versions up to and including 2.5.5. Root cause: missing or incorrect nonce validation leading to Cross-Site Request Forgery. Impact: unauthenticated attackers can cause a forged request t...