Contest Gallery <= 10.4.4 - Cross-Site Request Forgery (CSRF)

Affects Plugin

fixed in version 10.4.5

References

CVE 2019-5974
URL https://jvn.jp/en/jp/JVN80925867/index.html

Classification

Type CSRF
OWASP Top 10 A8: Cross-Site Request Forgery (CSRF)
CWE CWE-352

Miscellaneous

Original Researcher Okazawa Yoshihiro of Cryptography Laboratory
Submitter Ryan Dewhurst
Submitter Website https://wpscan.io
Submitter Twitter ethicalhack3r
Views 1319
Verified No
WPVDB ID 9436

Timeline

Publicly Published 2019-06-12 (about 1 month ago)
Added 2019-07-09 (14 days ago)
Last Updated 2019-07-09 (14 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin