CVE-2015-2039
The CVE-2015-2039 issue affects the WordPress plugin Acobot Live Chat & Contact Form (version 2.0). The vulnerability is a CSRF vulnerability that can be combined with XSS to hijack an administrator’s authentication for actions such as changing plugin settings (via acobot_token on wp-admin/option...