The WP-EMail WordPress plugin prior to 2.69.0 does not protect its log deletion functionality with nonce checks, allowing malicious user to make a logged in admin delete logs via a CSRF attack
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wp-email project wp-email |