WP Spell Check <= 7.1.9 - Cross-Site Request Forgery (CSRF)
Description | The plugin was affected by a CSRF vulnerability, allowing attackers to force logged in users perform unwanted actions, which could lead to Cross-Site Scripting (XSS). |
Affects Plugin
|
References
CVE | 2019-6027 |
URL | https://jvn.jp/en/jp/JVN26838191/index.html |
URL | https://plugins.trac.wordpress.org/changeset/2127548/wp-spell-check |
Classification
Type | CSRF |
CWE | CWE-352 |
Miscellaneous
Original Researcher | Takuya Yamaguchi |
Views | 54557 |
Verified | No |
WPVDB ID | 9956 |
Timeline
Publicly Published | 2019-11-26 (18 days ago) |
Added | 2019-11-26 (18 days ago) |
Last Updated | 2019-11-28 (16 days ago) |
Our Other Services
Online WordPress Vulnerability Scanner | WPScan WordPress Security Plugin |