CVE-2015-6965
The CVE-2015-6965 entry describes multiple CSRF flaws in the WordPress Contact Form Generator plugin (version 2.0.1 and earlier) that allow an attacker to hijack administrator sessions by issuing crafted requests to the cfg_forms page under wp-admin/admin.php. Affected component is the plugin’s a...