- Lana Codes
- Common Vulnerabilities
Sunshine Photo Cart by WP Sunshine <= 2.9.13 - Image Location Update via CSRF
LANACOMMONVDB ID: 2a3952bd-b272-4479-a969-af729f264b7a
The plugin does not have Cross-Site Request Forgery (CSRF) check when updating an image location, which could allow attackers to make logged in users perform such action via a Cross-Site Request Forgery (CSRF) attack.
You must be log in to view vulnerability details.
Or register a new account.