CSRF Vulnerability in Comment Link Remove and Other Comment Tools WordPress Plugin
CVE-2021-24725 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments
Learn more about our Wordpress Pen Testing.