4 matches found
CVE-2023-2842
The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack...
CVE-2023-2842 WP Inventory Manager < 2.1.0.14 - Inventory Items Deletion via CSRF
The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack...
CVE-2023-2842 WP Inventory Manager < 2.1.0.14 - Inventory Items Deletion via CSRF
The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack...
CVE-2023-2842
CVE-2023-2842 affects the WordPress plugin WP Inventory Manager (pre-2.1.0.14). The vulnerability stems from missing CSRF checks, enabling a CSRF attack to cause logged-in admins to delete Inventory Items. Remediation: upgrade to version 2.1.0.14 or later. Reported impact aligns with CVSS v3.1: a...