WP-Reply Notify <= 1.1 - Settings Update via CSRF

Description The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Make an admin open an HTML page containing the following: document.forms0.submit;...

Doorgets CSRF Vulnerability

With this vulnerability you can change the configuration of the site. Title Slogan Description Copyright Year of creation Keywords ID Facebook Disqus doorgets-home doorgets-light 0day.today 2018-04-03...