Zigcy Cosmetics <= 1.0.5 is vulnerable to Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Unauthenticated

Published
2022-01-23

Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Score:8.1

Severity:High

Version: 1.0.5

There is a patch available in v1.0.6 and we strongly recommend you update to this version as soon as possible.