The Useful Banner Manager WordPress plugin up to and including 1.6.1 does not perform CSRF checks on POST requests to its admin page, allowing an malicious user to trick a logged in admin to add, modify or delete banners from the plugin by submitting a form.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
useful banner manager project useful banner manager |