Cross site request forgery (csrf)

2022-03-2119:15:00

PRIOn knowledge base

www.prio-n.com

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.0%

JSON

The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow attackers to make a logged in admin delete arbitrary customers via a CSRF attack

CPENameOperatorVersion
amelialt1.0.47

CPE	Name	Operator	Version
	amelia	lt	1.0.47

References

wpscan.com/vulnerability/7c63d76e-34ca-4778-8784-437d446c16e0