The plugin does not have CSRF check in place when duplicating a post or page, which could allow attackers to make a logged in a admin duplicate them via a CSRF attack
https://example.com/wp-admin/admin-ajax.php?action=gifeed_duplicate_feed&post;=12
CPE | Name | Operator | Version |
---|---|---|---|
feed-instagram-lite | lt | 1.0.0.29 |