Robo Gallery by RoboSoft <= 3.2.9 - Addon Plugin Activation/Deactivation via CSRF
LANACOMMONVDB ID: 6359840f-606a-475e-b435-b5fc3b22895c
The plugin does not have Cross-Site Request Forgery (CSRF) checks when activating and deactivating addon plugins, which could allow attackers to make logged in users perform such actions via Cross-Site Request Forgery (CSRF) attacks.