WordPress · WordPress Email Template Designer - WP HTML Mail · CVE-2021-20779
Name of the Vulnerable Software and Affected Versions:
WordPress Email Template Designer - WP HTML Mail versions prior to 3.0.8
Description:
A cross-site request forgery (CSRF) vulnerability allows remote attackers to hijack the authentication of administrators via unspecified vectors. Successful exploitation could lead to unauthorized actions being performed on behalf of the administrator.
Recommendations:
If you are running a version prior to 3.0.8, update to version 3.0.8 or later to resolve the issue. As a temporary workaround, consider implementing additional authentication checks or restricting access to sensitive areas of WordPress Email Template Designer - WP HTML Mail to minimize the risk of exploitation.