- Lana Codes
- Common Vulnerabilities
GPT3 AI Content Writer by Senol Sahin <= 1.4.37 - Subscriber+ Arbitrary Post Content Update
LANACOMMONVDB ID: a1220b9e-0f45-4c6a-a660-6e04208c0166
The plugin does not have authorisation and Cross-Site Request Forgery (CSRF) check when updating a post content, which could allow any authenticated users, such as subscriber to update arbitrary post content.
You must be log in to view vulnerability details.
Or register a new account.