CVE-2018-1000510
WP Image Zoom (WordPress plugin) version 1.23 contains an Incorrect Access Control vulnerability in the AJAX settings that allows any logged-in user to trigger a denial-of-service. The issue is triggered via CSRF and can be exploited intentionally or unintentionally; the vulnerability is mitigate...