Deny All Firewall <= 1.1.6 - CSRF



Description
CSRF leading to disabling of the plugin protection (rules in the .htaccess removed)

Affects Plugin

fixed in version 1.1.7

References

URL https://plugins.trac.wordpress.org/changeset?reponame=&new=2110522%40deny-all-firewall&old=2110073%40deny-all-firewall

Classification

Type CSRF
OWASP Top 10 A8: Cross-Site Request Forgery (CSRF)
CWE CWE-352

Miscellaneous

Views 1674
Verified No
WPVDB ID 9379

Timeline

Publicly Published 2019-06-22 (about 1 month ago)
Added 2019-06-22 (about 1 month ago)
Last Updated 2019-06-22 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin