wpexploit | Krzysztof Zając | WPEX-ID:53D2C61D-CE73-40E0-A113-9D76D8FECC91
Jan 03, 2022 - 12:00 a.m.

NextScripts: Social Networks Auto-Poster < 4.3.25 - Arbitrary Post Deletion via CSRF


EPSS: 0.001 (Low), Percentile: 26.3%

The plugin does not have a CSRF check in place when deleting items, allowing an attacker to make a logged-in admin delete arbitrary posts via a CSRF attack.

https://example.com/wp-admin/admin.php?page=nxssnap-reposter&item=1&action=delete
