Name of the Vulnerable Software and Affected Versions:

Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin versions <= 8.2.7

Description:

The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to.

Recommendations:

For Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin versions <= 8.2.7, update to a version higher than 8.2.7 to resolve the issue.