AI Score
Confidence
High
EPSS
Percentile
24.1%
Description The plugin does not have CSRF check when blocking plugin from being updated, which could allow attackers to make logged in admins perform such actions via a CSRF attack
patchstack.com/database/vulnerability/block-specific-plugin-updates/wordpress-block-plugin-update-plugin-3-3-cross-site-request-forgery-csrf-vulnerability