CVE-2023-0685
CVE-2023-0685 concerns the Wicked Folders WordPress plugin. The vulnerability is Cross‑Site Request Forgery due to missing or incorrect nonce validation in the ajax_unassign_folders function, affecting versions up to and including 2.18.16. This could allow unauthenticated attackers to trigger adm...