Contextual Related Posts < 2.9.4 - CSRF Nonce Validation Bypass
System : Plugin WordPress
Name System : Contextual Related Posts
Link: https://pt.wordpress.org/plugins/contextual-related-posts/

Version : < 294
Number targets: 80.000 active downloads
Vulnerability type : CSRF
Proof of Concept : Waiting
Patch fixed : https://plugins.trac.wordpress.org/changeset/2387037/contextual-related-posts/trunk/includes/admin/modules/tools.php

Published: