Description
WordPress Plugin Zero BS WordPress CRM is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Zero BS WordPress CRM version 2.99.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.99.9.2 or latest
References
Related Vulnerabilities
WordPress Plugin JS Job Manager Unspecified Vulnerability (1.0.9)
WordPress Plugin Backup and Staging by WP Time Capsule PHP Object Injection (1.21.9)
WordPress Plugin BetterOptin Cross-Site Scripting (1.2.4)
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.1.9)