Sunshine Photo Cart by WP Sunshine <= 2.9.13 - Image Location Update via CSRF
LANACOMMONVDB ID: 2a3952bd-b272-4479-a969-af729f264b7a
The plugin does not have Cross-Site Request Forgery (CSRF) check when updating an image location, which could allow attackers to make logged in users perform such action via a Cross-Site Request Forgery (CSRF) attack.
Attributes
- Catgory
- WordPress Plugin
- Discovered
- 2022-09-09
- Published
- 2022-12-01
- Affected Version
- <= 2.9.13
Classification
- Type
- Cross-Site Request Forgery (CSRF)
Support Us?
We would truly appreciate it if you bought us a bunny (food for a snow leopard).
