CVE-2020-36756
The CVE-2020-36756 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress 10WebAnalytics plugin up to version 1.2.8. The root cause is missing or incorrect nonce validation in the create_csv_file() function, enabling unauthenticated attackers to forge requests that cau...