Lqd: >> Liquid Speech Balloon >> 1.0.0 Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page.
CVSS Score
8.8
EPSS Score
0.007
Published
2023-05-10