The WP Edit Menu WordPress plugin prior to 1.5.0 does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated malicious users to delete arbitrary posts/pages from the blog
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wp edit menu project wp edit menu |