WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Name Directory < 1.18 - Cross-Site Request Forgery (CSRF)

Description

The plugin was affected by CSRF issues, allowing attackers to make a logged in administrator perform unwanted actions

Affects Plugins

name-directory
Fixed in version 1.18

References

URL
https://jvn.jp/en/jp/JVN50470170/

Classification

Type

CSRF

OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Original Researcher

Yuta Asai

Verified

No

WPVDB ID
cfaaa828-20d1-4d68-83af-bae589ed8db4

Timeline

Publicly Published

2021-02-05 (about 2 years ago)

Added

2021-02-05 (about 2 years ago)

Last Updated

2021-02-06 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin