WordPress: CSRF to HTML Injection in Comments

2018-10-24T15:06:27
ID H1:428019
Type hackerone
Reporter simonscannell
Modified 2019-05-13T19:15:09

Description

Simon discovered a CSRF vulnerability that led to RCE. More details are available on the RIPS blog.