The plugin does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack
https://example.com/wp-admin/admin.php?page=nxssnap-reposter&item=1&action=delete
Krzysztof Zając
Krzysztof Zając
Yes
2022-01-03 (about 1 years ago)
2022-01-03 (about 1 years ago)
2022-04-08 (about 9 months ago)