CVE-2021-24725
N/A
N/A
Summary
The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Comment Link Remove and Other Comment Tools | 2.1.6 < 2.1.6 | affected |
Weaknesses
- CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)
ADP Enrichment
CVE Program Container
Additional References
- https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225
References
- https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.