CVE-2021-24749

Name of the Vulnerable Software and Affected Versions: URL Shortify WordPress plugin versions prior to 1.5.1

Description: The issue is related to the lack of a CSRF check when bulk-deleting links or groups, which could allow attackers to make a logged-in admin delete arbitrary links and groups via a CSRF attack.

Recommendations: For versions prior to 1.5.1, update to version 1.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the bulk deletion functionality until a patch is applied.