Vulnerability CVE-2023-0335
Published: 2023-03-27

Description:
The WP Shamsi WordPress plugin through 4.3.3 has CSRF and broken access control vulnerabilities which leads user with role as low as subscriber delete attachment.

Type:

CWE-352

 (Cross-Site Request Forgery (CSRF))

 References:
https://wpscan.com/vulnerability/f7a20bea-c3d5-431b-bdcf-e189c81a561a
Copyright 2026, cxsecurity.com

 

Back to Top