Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-4307

Disclosure Date: September 11, 2023 (last updated October 08, 2023)
The Lock User Account WordPress plugin through 1.0.3 does not have CSRF check when bulk locking and unlocking accounts, which could allow attackers to make logged in admins lock and unlock arbitrary users via a CSRF attack
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0