VMagazine Lite <= 1.3.5 is vulnerable to Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Unauthenticated

Published
2022-01-23

Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Score:8.1

Severity:High

Version: 1.3.5

There is a patch available in v1.3.6 and we strongly recommend you update to this version as soon as possible.