- Lana Codes
- Common Vulnerabilities
Popup Manager by Cohhe <= 1.6.6 - Unauthenticated Arbitrary Popup Deletion
LANACOMMONVDB ID: 8b1c01fd-1370-49d9-b5b2-60f71745b699
The plugin does not have authorisation and Cross-Site Request Forgery (CSRF) check when deleting popups, which could allow unauthenticated users to delete them.
You must be log in to view vulnerability details.
Or register a new account.