- Lana Codes
- Common Vulnerabilities
Reviews and Rating – Google My Business by Design Extreme <= 4.14 - Subscriber+ Plugin Settings Update
LANACOMMONVDB ID: 836f6466-21e1-4251-aa94-f78d6bb3aa8b
The plugin does not have authorisation and Cross-Site Request Forgery (CSRF) check when updating a plugin settings, which could allow any authenticated users, such as subscriber to update plugin settings.
You must be log in to view vulnerability details.
Or register a new account.