Gti: >> Throws Spam Away Security Vulnerabilities
The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged in admin delete comments via a CSRF attack
CVSS Score
4.3
EPSS Score
0.001
Published
2022-06-08