vulnerability

WordPress Plugin: wp-reset: CVE-2021-36908: Cross-Site Request Forgery (CSRF)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Nov 10, 2021
Added
May 15, 2025
Modified
May 5, 2026

Description

Cross-Site Request Forgery (CSRF) vulnerability leading to Database Reset in WordPress WP Reset PRO Premium plugin (versions less than or equal to 5.98) allows attackers to trick authenticated into making unintentional database reset.

Solution

wp-reset-plugin-cve-2021-36908

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report