WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Rename wp-login.php plugin version 2.6.0 and earlier is vulnerable to cross-site request forgery, which is caused by a CSRF check that is not performed when updating login passwords. An attacker could use this vulnerability to cause the administrator to change the update settings via a CSRF attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress rename wp-login.php plugin | lt | 2.6.0 |