CVE-2020-36852
The WordPress plugin Custom Searchable Data Entry System (versions ≤ 1.7.1) is vulnerable to unauthenticated database wiping due to a missing capability check and inadequate validation in ghazale_sds_delete_entries_table_row(). This allows unauthenticated attackers to wipe tables (e.g., wp_users)...