Beta

Report

BuddyPress Customer.io Analytics Integration <= 1.1.6 is vulnerable to Arbitrary Plugin Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

Unauthenticated
Published
2021-06-29

Arbitrary Plugin Settings Update via Cross-Site Request Forgery (CSRF) vulnerability

CVSS

Score:5.4

Severity:Medium

Version: 1.1.6

The plugin vendor has not patched this vulnerability at the moment.