The plugin does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack
https://example.com/wp-admin/admin.php?page=nxssnap-reposter&item;=1&action;=delete
CPE | Name | Operator | Version |
---|---|---|---|
social-networks-auto-poster-facebook-twitter-g | lt | 4.3.25 |