Vulnerabilities > Private Files Project

DATE CVE VULNERABILITY TITLE RISK
2022-06-13 CVE-2022-1793 Cross-Site Request Forgery (CSRF) vulnerability in Private Files Project Private Files 0.40
The Private Files WordPress plugin through 0.40 is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public
network
low complexity
private-files-project CWE-352
4.3