CVE-2020-36852P1CRITICALCVSS 9.1Exploited≤ 1.7.12025-10-01
CVE-2020-36852 [CRITICAL] CWE-862 CVE-2020-36852: The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated databa
The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazale_sds_delete_entries_table_row() function. This makes it possible for unauthenticated attackers to completely wipe dat
nvd