Additional WordPress plugins and themes were found to be vulnerable to CSRF attacks.
Twenty five plugins for WordPress were found to be vulnerable to cross-site request forgery (CSRF) attacks.
February 01, 2021 NinjaScanner v3.0.6 Fixed a potential “Missing Lock File” error that may occur on slow servers. Added streaming to the wp_remote_get function to lower…
The WordPress WP Quick FrontEnd Editor plugin (1,000+ active installations) is prone to a broken access control vulnerability affecting version 5.5 and below that could lead to authenticated content injection, stored XSS and settings change.
The WordPress Kali Forms plugin (30,000+ active installations) fixed multiple vulnerabilities affecting version 2.1.2 and below.