{"containers":{"cna":{"affected":[{"product":"Comment Link Remove and Other Comment Tools","vendor":"Unknown","versions":[{"lessThan":"2.1.6","status":"affected","version":"2.1.6","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Martin Vierula of Trustwave"}],"descriptions":[{"lang":"en","value":"The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-352","description":"CWE-352 Cross-Site Request Forgery (CSRF)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-09-13T17:56:39.000Z","orgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","shortName":"WPScan"},"references":[{"tags":["x_refsource_MISC"],"url":"https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f"},{"tags":["x_refsource_MISC"],"url":"https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225"}],"source":{"discovery":"UNKNOWN"},"title":"Comment Link Remove and Other Comment Tools < 2.1.6 - Arbitrary Comment Deletion via CSRF","x_generator":"WPScan CVE Generator","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"contact@wpscan.com","ID":"CVE-2021-24725","STATE":"PUBLIC","TITLE":"Comment Link Remove and Other Comment Tools < 2.1.6 - Arbitrary Comment Deletion via CSRF"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Comment Link Remove and Other Comment Tools","version":{"version_data":[{"version_affected":"<","version_name":"2.1.6","version_value":"2.1.6"}]}}]},"vendor_name":"Unknown"}]}},"credit":[{"lang":"eng","value":"Martin Vierula of Trustwave"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments"}]},"generator":"WPScan CVE Generator","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-352 Cross-Site Request Forgery (CSRF)"}]}]},"references":{"reference_data":[{"name":"https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f","refsource":"MISC","url":"https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f"},{"name":"https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225","refsource":"MISC","url":"https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225"}]},"source":{"discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T19:42:16.624Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://wpscan.com/vulnerability/01483284-57f5-4ae9-b5f1-ae26b623571f"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=29225"}]}]},"cveMetadata":{"assignerOrgId":"1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81","assignerShortName":"WPScan","cveId":"CVE-2021-24725","datePublished":"2021-09-13T17:56:39.000Z","dateReserved":"2021-01-14T00:00:00.000Z","dateUpdated":"2024-08-03T19:42:16.624Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}