An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI.
CPE | Name | Operator | Version |
---|---|---|---|
pluck | eq | 4.7.6 | |
pluck | eq | 4.7.8-dev1 | |
pluck | eq | 4.7.8-dev3 | |
pluck | eq | 4.7.7-dev2 | |
pluck | eq | 4.7.9-dev1 | |
pluck | eq | 4.7.3 | |
pluck | eq | 4.7 | |
pluck | eq | 4.7.2 | |
pluck | eq | 4.744 | |
pluck | eq | 4.7.8-dev2 |