The Delete All Comments Easily WordPress plugin up to and including 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
delete all comments easily project delete all comments easily |