CVE-2021-25097
The CVE-2021-25097 entry concerns LabTools WordPress plugin (versions ≤ 1.0). Affected component: publication deletion flow. Root cause: missing authorization checks and CSRF protection, permitting any authenticated user (e.g., subscribers) to delete arbitrary publications. Impact: unauthorized d...