Post Meta Data Manager Security Vulnerabilities and Issues — Post Meta Data Manager CVE List

Lucene search

WpexpertpluginsPost Meta Data Manager

1 matches found

CVE•added 2023/11/21 9:15 a.m.•72 views

CVE-2023-5776

The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the pmdm_wp_ajax_delete_meta, pmdm_wp_delete_user_meta, and pmdm_wp_delete_user_meta functions. This makes it possible ...

8.8CVSS8.3AI score0.00111EPSS