PT-2022-20036 · WordPress · Bitcoin / Altcoin Faucet Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Bitcoin / Altcoin Faucet WordPress plugin versions prior to 1.6.1 Description: The issue concerns a lack of CSRF check when saving settings, allowing an attacker to make a logged-in admin change them via a CSRF attack. Additionally, due to th...