- Lana Codes
- Common Vulnerabilities
OoohBoi Steroids for Elementor by OoohBoi <= 2.1.4 - Subscriber+ Attachment Deletion
LANACOMMONVDB ID: 6bfe075a-e5b2-4976-b5e9-da7b94535c9e
The plugin has Cross-Site Request Forgery (CSRF) and broken access control vulnerabilities which leads user with role as low as subscriber to delete attachment.
You must be log in to view vulnerability details.
Or register a new account.