CVE-2021-24749

Published: Nov 29, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The URL Shortify WordPress plugin before 1.5.1 does not have CSRF check in place when bulk-deleting links or groups, which could allow attackers to make a logged in admin delete arbitrary link and group via a CSRF attack.

Vendor	Product	Versions
Unknown	URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress	affected `1.5.1 - < 1.5.1`

Weaknesses (CWE)

CWE-352

References

https://wpscan.com/vulnerability/4b4e417d-0ae2-4c3c-81e6-4dcf39eb5697

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-24749

Description

Affected Products

Weaknesses (CWE)

References