Additional WordPress plugins and themes were found to be vulnerable to CSRF attacks.
Twenty five plugins for WordPress were found to be vulnerable to cross-site request forgery (CSRF) attacks.
November 22, 2020 NinjaFirewall (Pro+/Pro) v4.2 Pro+ Edition (Premium): Added a new access control section: “User Input Access Control”. It can be used to ignore or…
The WordPress Kali Forms plugin (30,000+ active installations) fixed multiple vulnerabilities affecting version 2.1.2 and below.
The WordPress Brizy Page Builder plugin (60,000+ active installations) fixed a broken access control vulnerability affecting version 1.0.125 and below that could allow any authenticated user to gain full access to the editor.