WordPress is a set of blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress Wechat Reward plugin in versions 1.7 and earlier, which stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could use a spoofed malicious request to trick a victim into clicking through to perform a sensitive action.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wechat reward plugin | le | 1.7 |