Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi WP Attachments plugin <= 5.0.6 versions.