CVE-2024-3163
Easy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRF
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
Unknown · Easy Property ListingsQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →