Contextual Related Posts < 2.9.4 - CSRF Nonce Validation Bypass

System: WordPress plugin

System name: Contextual Related Posts

Link: https://pt.wordpress.org/plugins/contextual-related-posts/

Version: < 2.9.4

Number of targets: 80,000 active downloads

Vulnerability type : CSRF

Proof of Concept : Waiting

Patch fixed : https://plugins.trac.wordpress.org/changeset/2387037/contextual-related-posts/trunk/includes/admin/modules/tools.php

Published:

https://wpscan.com/vulnerability/10473

Author: lenonleite