8 matches found
CVE-2019-14681
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=dafsettingsremove=true CSRF...
WordPress Deny All Firewall plugin cross-site request forgery vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in versions of the WordPress Deny All Firewall plugin prior to 1.1.7, which...
CVE-2019-14681
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=dafsettings&dafremove=true CSRF...
CVE-2019-14681
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=dafsettings&dafremove=true CSRF...
Cross site request forgery (csrf)
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=dafsettings&dafremove=true CSRF...
CVE-2019-14681
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=dafsettings&dafremove=true CSRF...
CVE-2019-14681
CVE-2019-14681 affects the WordPress plugin Deny All Firewall up to version 1.1.6. The flaw is a CSRF in wp-admin/options-general.php?page=daf_settings&daf_remove=true that an attacker could trigger to perform unintended actions on behalf of an authenticated admin. Impact states partial confident...
WordPress Deny All Firewall plugin <= 1.1.6 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability found in WordPress Deny All Firewall plugin versions = 1.1.6. Solution Update the WordPress Deny All Firewall plugin to the latest available version at least 1.1.7...