Twenty five plugins for WordPress were found to be vulnerable to cross-site request forgery (CSRF) attacks.
What is a CSRF attack?
In a CSRF attack, an innocent end user is tricked by an attacker into submitting a web request that they did not intend. This may cause actions to be performed on the website that can include inadvertent client or server data leakage, change of session state, or manipulation of an end user’s account.
The impact of these vulnerabilities may vary from low to high severity, leading to, for example, XSS (stored or reflected), changes in settings, configuration import
World of WordPress is hosted by:
With Rocket, your websites will be blazing fast, always protected, and supported 24/7 by our experts with over 17 years of experience.