CVE-2023-0335 Information

Description

The WP Shamsi WordPress plugin through 4.3.3 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber delete attachment.

Reference

https://wpscan.com/vulnerability/f7a20bea-c3d5-431b-bdcf-e189c81a561a