The plugin does not have authorisation and CSRF checks when deleting icons, allowing unauthenticated user to delete arbitrary icons
https://example.com/?cnss-delete=&id=1
Jan w Oleju
Jan w Oleju
Yes
2022-03-21 (about 1 years ago)
2022-03-21 (about 1 years ago)
2022-03-21 (about 1 years ago)