CVE-2020-18198
Published
CVSS v3
8.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component " /admin.php?action=images."
GitHub