Medium severity6.5NVD Advisory· Published Nov 1, 2021· Updated Jun 17, 2026
CVE-2020-36505
CVE-2020-36505
Description
The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Delete All Comments Easilydescription
- Range: <=1.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.