CSRF Vulnerability in Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress Plugin
CVE-2021-24767 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF attack
Learn more about our Wordpress Pen Testing.