7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
35.5%
Cross-site request forgery (CSRF) vulnerability in the All in One Webmaster plugin before 8.2.4 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
secunia.com/advisories/52877
wordpress.org/extend/plugins/all-in-one-webmaster/changelog/