Clock In Portal- Staff & Attendance Management, CVE-2023-0761
- CVE, Research URL
- Published on
- May 15, 2023
- Research Description
- The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack
- Affected versions
-
Min -, max 2.2.
- Status
-
vulnerable