CSRF Vulnerability in Comment Link Remove and Other Comment Tools WordPress Plugin

CSRF Vulnerability in Comment Link Remove and Other Comment Tools WordPress Plugin

CVE-2021-24725 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments

Learn more about our Wordpress Pen Testing.