Description
A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages.
Remediation
References
Related Vulnerabilities
WordPress Plugin FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-4850)
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)