CVE-2023-2271
16.08.2023, 12:15
The Tiempo.com WordPress plugin through 0.1.2 does not have CSRF check when deleting its shortcode, which could allow attackers to make logged in admins delete arbitrary shortcode via a CSRF attackEnginsight
| Vendor | Product | Version |
|---|---|---|
| tiempo | tiempo | 𝑥 ≤ 0.1.2 |
𝑥
= Vulnerable software versions