Vulnerabilities > CVE-2021-25093 - Missing Authorization vulnerability in Link Library Project Link Library

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

link-library-project

CWE-862

NVD

Published: 2022-02-01

Updated: 2022-02-04

Summary

The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request

Vulnerable Configurations

Part	Description	Count
Application	Link_Library_Project Link Library Project Link Library *	1

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://wpscan.com/vulnerability/7a7603ce-d76d-4c49-a886-67653bed8cd3