- Lana Codes
- Common Vulnerabilities
WP Time Slots Booking Form by CodePeople <= 1.1.76 - CSRF
LANACOMMONVDB ID: 688b1f41-e734-4e8b-9252-61450c6ad2b2
The plugin does not have Cross-Site Request Forgery (CSRF) check when submitting feedback, which could allow attackers to make logged in users do such action on their behalf via a Cross-Site Request Forgery (CSRF) attack.
You must be log in to view vulnerability details.
Or register a new account.