CVE-2026-1508

Medium CVSS: 4.3

The Court Reservation WordPress plugin before 1.10.9 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete them via a CSRF attack

Vendor

Product

CWE

CWE-352

Yayın Tarihi

2026-03-10 17:32:18

Güncelleme

2026-03-11 13:53:47

Source Identifier

contact@wpscan.com

KEV Date Added

Kategoriler

CWE-352 MEDIUM 2026

Referanslar

https://wpscan.com/vulnerability/fc1d577b-abf9-4c15-a96d-14ebd894debc/