[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKmcYDFwzZLk09nlmSGbKUYKmLTA_No78WGN4OPb0M1g":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-e8596412-53d5-45ed-998a-49799bd269d0-image-regenerate-select-crop","image-regenerate-select-crop-cross-site-request-forgery-on-multiple-ajax-actions","Image Regenerate & Select Crop \u003C= 7.1.0 - Cross-Site Request Forgery on multiple AJAX actions","The Image Regenerate & Select Crop plugin for WordPress is vulnerable to cross-site request forgery due to missing nonce checks on multiple AJAX functions in versions up to, and including, 7.1.0. This makes it possible for authenticated attackers to bulk rename, process, and delete image files.","image-regenerate-select-crop",null,"\u003C7.2.0","7.2.0","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Cross-Site Request Forgery (CSRF)","2023-07-01 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe8596412-53d5-45ed-998a-49799bd269d0?source=api-prod",206]