OG Tags < 2.0.2 - Plugin's Settings Update via CSRF

2021-09-28T00:00:00
ID WPVDB-ID:29D132FB-71D6-4291-A2E9-641DA6BF2C3D
Type wpvulndb
Reporter wpvulndb
Modified 2021-09-28T06:45:24

Description

The plugin is lacking a CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack