CVE-2021-24668

Summary

The MAZ Loader WordPress plugin before 1.4.1 does not enforce nonce checks, which allows attackers to make administrators delete arbitrary loaders via a CSRF attack

Affected Software

VendorProductVersion RangeStatus
UnknownMAZ Loader – Preloader Builder for WordPress1.4.1 < 1.4.1affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References