Messenger Customer Chat <=1.2 - CSRF

Affects Plugin

fixed in version 1.3

References

URL https://plugins.trac.wordpress.org/changeset?reponame=&new=2107719%40facebook-messenger-customer-chat&old=2041805%40facebook-messenger-customer-chat
URL https://www.zdnet.com/article/disgruntled-security-firm-discloses-zero-days-in-facebooks-wordpress-plugins/

Classification

Type CSRF
OWASP Top 10 A8: Cross-Site Request Forgery (CSRF)
CWE CWE-352

Miscellaneous

Views 1670
Verified No
WPVDB ID 9349

Timeline

Publicly Published 2019-06-18 (about 1 month ago)
Added 2019-06-18 (about 1 month ago)
Last Updated 2019-06-18 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin