WordPress Plugin Vulnerabilities

Simple Add Pages or Posts <= 1.6 - CSRF

Description

The Simple add pages or posts WordPress plugin was affected by a CSRF security vulnerability.

Affects Plugins

Plugin icon
simple-add-pages-or-posts
Fixed in 1.7

References

CVE
CVE-2016-10883
URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=1341380%40simple-add-pages-or-posts&old=1111441%40simple-add-pages-or-posts

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
6.5 (medium)

Miscellaneous

Verified
No
WPVDB ID
41fc529b-1f19-4b54-bacb-f40b0ed83e42

Timeline

Publicly Published
2016-02-02 (about 10 years ago)
Added
2019-06-22 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2023-01-17
Title
WP Customer Area < 8.1.4 - Unauthorised Actions via CSRF
Published
2018-05-28
Title
JS Job <= 1.0.6 - CSRF
Published
2024-02-05
Title
Contest Gallery < 21.2.9 - Cross-Site Request Forgery
Published
2026-01-23
Title
ZT Captcha <= 1.0.4 - Cross-Site Request Forgery to Settings Update
Published
2025-01-14
Title
Build Private Store For Woocommerce < 1.1 - Cross-Site Request Forgery