WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress New User Email Set Up plugin version 0.5.2 and earlier versions are vulnerable to cross-site request forgery, which stems from a CSRF check that is not performed when updating its settings. An attacker could exploit this vulnerability to allow logged-in administrators to change them via a CSRF attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress new user email set up plugin | lt | 0.5.2 |