Description
WordPress Plugin Delete All Comments is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Delete All Comments version 1.0 is vulnerable.
Remediation
Update to plugin version 1.1 or latest
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2010-3709)
Oracle Database Server CVE-2010-0892 Vulnerability (CVE-2010-0892)
WordPress Plugin WP eCommerce SQL Injection (3.11.3)
TYPO3 Improper Authentication Vulnerability (CVE-2022-23501)
PHP Resource Management Errors Vulnerability (CVE-2011-3267)