Vulnerabilities > CVE-2021-25073 - Unspecified vulnerability in Webmaster-Source Wp125
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in various action, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack