The Accept Donations with PayPal WordPress plugin prior to 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing malicious users to make a logged in admin delete arbitrary posts from the blog
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wpplugin accept donations with paypal |