VYPR

Tiempo.com WordPress plugin

by WordPress

CVEs (1)

  • CVE-2023-2271MedAug 16, 2023
    risk 0.28cvss 4.3epss 0.00

    The Tiempo.com WordPress plugin through 0.1.2 does not have CSRF check when deleting its shortcode, which could allow attackers to make logged in admins delete arbitrary shortcode via a CSRF attack