6.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
patchstack.com/database/vulnerability/list-all-posts-by-authors-nested-categories-and-titles/wordpress-list-all-posts-by-authors-nested-categories-and-title-plugin-2-7-10-cross-site-scripting-xss-vulnerability