The WP Edit Menu WordPress plugin prior to 1.5.0 does not have CSRF in an AJAX action, which could allow malicious users to make a logged in admin delete arbitrary posts/pages from the blog via a CSRF attack
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wp edit menu project wp edit menu |