AI Score
Confidence
High
EPSS
Percentile
42.8%
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.
owasp.org/www-community/attacks/csrf
www.exploit-db.com/exploits/50831