Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-3151

Disclosure Date: October 17, 2022 (last updated February 24, 2025)
The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when deleting cursors, which could allow attackers to made a logged in admin delete arbitrary cursors via a CSRF attack.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0