WP Spell Check < 7.1.10 - Cross-Site Request Forgery (CSRF)
| Description |
The plugin was affected by a CSRF vulnerability, allowing attackers to force logged in users perform unwanted actions, which could lead to Cross-Site Scripting (XSS). |
Affects Plugin
|
|
References
| CVE | 2019-6027 |
| URL | https://jvn.jp/en/jp/JVN26838191/index.html |
| URL | https://plugins.trac.wordpress.org/changeset/2127548/wp-spell-check |
Classification
| Type | CSRF |
| CWE | CWE-352 |
Miscellaneous
| Original Researcher | Takuya Yamaguchi |
| Views | 256557 |
| Verified | No |
| WPVDB ID | 9956 |
Timeline
| Publicly Published | 2019-11-26 (8 months ago) |
| Added | 2019-11-26 (8 months ago) |
| Last Updated | 2020-03-05 (4 months ago) |
Our Other Services
| Online WordPress Vulnerability Scanner | WPScan WordPress Security Plugin |
