Multiple cross-site request forgery (CSRF) vulnerabilities in the Keyword Research module 6.x-1.x before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of users with the βkwresearch admin site keywordsβ permission for requests that (1) create, (2) delete, or (3) set priorities to keywords via unspecified vectors.