1 matches found
CVE-2022-27432
A Cross-Site Request Forgery CSRF in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover...