Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote malicious users to execute arbitrary code and delete specific images via the component " /admin.php?action=images."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pluck-cms pluck 4.7.9 |