Social Login WP by PeepSo <= 5.0.0 - CSRF
LANACOMMONVDB ID: 0f4c1a83-846f-4fd7-acc4-07ce5170be16
The plugin does not have Cross-Site Request Forgery (CSRF) check when updating user social login option, which could allow attackers to make logged in users do such action on their behalf via a Cross-Site Request Forgery (CSRF) attack.
Attributes
- Catgory
- WordPress Plugin
- Discovered
- 2022-10-17
- Published
- 2023-02-20
- Affected Version
- <= 5.0.0
Classification
- Type
- Cross-Site Request Forgery (CSRF)
Support Us?
We would truly appreciate it if you bought us a bunny (food for a snow leopard).
