The WPQA Builder WordPress plugin prior to 5.9 does not have CSRF check when following and unfollowing users, which could allow malicious users to make logged in users perform such actions via CSRF attacks
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
2code wpqa builder |