VYPR

WP Admin Logo Changer

by WordPress

CVEs (1)

  • CVE-2021-24784MedDec 13, 2021
    risk 0.42cvss 6.5epss 0.01

    The WP Admin Logo Changer WordPress plugin through 1.0 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin update them via a CSRF attack.