The plugin does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request
https://example.com/?post_type=link_library_links&ll60reupdate;=1
CPE | Name | Operator | Version |
---|---|---|---|
link-library | lt | 7.2.9 |