CVE-2021-24795

CVE-2021-24795: Filter Portfolio Gallery <= 1.5 - Arbitrary Gallery Deletion via CSRF

Vendor Unknown
Product Filter Portfolio Gallery
Weakness CWE-352 · CSRF
Published December 13, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Filter Portfolio Gallery WordPress plugin through 1.5 is lacking Cross-Site Request Forgery (CSRF) check when deleting a Gallery, which could allow attackers to make a logged in admin delete arbitrary Gallery.

Key dates

02Disclosure timeline

December 13, 2021 CVE published
August 3, 2024 Record updated