WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Rotating Posts plugin version 1.11 and earlier versions are vulnerable to cross-site request forgery, which stems from the WEB plugin not performing CSRF checks when updating its settings. An attacker could use this vulnerability to get the logged-in administrator to change them via a CSRF attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress rotating posts plugin | le | 1.11 |