WordPress More Fields Plugin 2.1 - CSRF
- More Fields
- This vulnerability is disabled for all functions (add box and delete box options). Because of that, an attacker can add or delete extra fields in additional boxes on the edit page in the Admin.
- Upgrade the plugin.
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
- Name CVE-N/A
Fixed In 2.2
- Disclosure date
- Aatif Shahdad