Enqueue Anything Project

enqueue_anything_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Enqueue Anything

enqueue_anything

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-25116 1Enqueue Anything Project 1Enqueue Anything Jun 17, 2026 Jun 13, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low priv...Show more The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low privilege users such as subscriber could delete arbitrary assets, as well as put arbitrary posts in the trash.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-25116

1Enqueue Anything Project

1Enqueue Anything

Jun 17, 2026

Jun 13, 2022

N/A· v4

6.5 MEDIUM· v3

4.0 MEDIUM· v2

The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the remove_asset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low privilege users such as subscriber could delete arbitrary assets, as well as put arbitrary posts in the trash.Show less