WordPress Cross-site Request Forgery Vulnerability (CNVD-2021-59587)

WordPress is a set of blogging platforms developed by the WordPress (Wordpress) Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.A cross-site request forgery vulnerability exists in the WooCommerce Stock Manager WordPress plugin, which stems from a vulnerability in the product /woocommerce-stock-manager/trunk/admin/ The Arbitrary File Upload in the views/import-export.php file does not properly handle user input data, and an attacker can execute client-side code through this vulnerability.