AI Score
Confidence
High
EPSS
Percentile
24.1%
Description The plugin does not have CSRF checks in its getEmail and getUrl functions, which could allow attackers to make logged in admins add email and URLs to the allow list via CSRF attacks
patchstack.com/database/vulnerability/dofollow-case-by-case/wordpress-dofollow-case-by-case-plugin-3-4-2-cross-site-request-forgery-csrf-vulnerability