Deny All Firewall <= 1.1.6 - CSRF



Description
CSRF leading to disabling of the plugin protection (rules in the .htaccess removed)

Affects Plugin

fixed in version 1.1.7

References

CVE 2019-14681
URL https://plugins.trac.wordpress.org/changeset?reponame=&new=2110522%40deny-all-firewall&old=2110073%40deny-all-firewall

Classification

Type CSRF
CWE CWE-352

Miscellaneous

Views 2501
Verified No
WPVDB ID 9379

Timeline

Publicly Published 2019-06-22 (3 months ago)
Added 2019-06-22 (3 months ago)
Last Updated 2019-08-21 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin