Cross-Site Request Forgery (CSRF) vulnerability leading to plugin settings reset discovered by Muhammad Daffa (Patchstack Alliance) in the WordPress Creative Mail plugin (versions <= 1.5.4).
Update the WordPress Creative Mail plugin to the latest available version (at least 1.6.0).
CPE | Name | Operator | Version |
---|---|---|---|
creative mail | le | 1.5.4 |