2 matches found
CVE-2022-2388 WP Coder < 2.5.3 - Code Deletion via CSRF
The WP Coder WordPress plugin before 2.5.3 does not have CSRF check in place when deleting code created by the plugin, which could allow attackers to make a logged in admin delete arbitrary ones via a CSRF attack...
CVE-2022-2388
The CVE-2022-2388 vulnerability affects the WP Coder WordPress plugin prior to version 2.5.3. The issue is a CSRF omission when deleting code created by the plugin, allowing an authenticated admin to delete arbitrary code via CSRF. Impact stated as I:H with no confidentiality impact and no availa...