|Proof of Concept
XSS vulnerability in https://wordpress.org/plugins/gotmls/ has been identified.
An attacker , when have access to files , can modify file and can stop scanning , can hijack cookies , can bypass malware checks / stop scanning process or redirect to malicious websites as well .
CSRF Vulnerability :-
All the forms on Anti-Malware Security and Brute-Force Firewall Plugin were vulnerable to CSRF vulnerability as they lack wp_nonce parameter in all forms they had .