CVE-2021-4408
The CVE-2021-4408 entry concerns the DW Question & Answer plugin for WordPress. A Cross-Site Request Forgery flaw exists in versions up to and including 1.5.8 due to missing or incorrect nonce validation in the update_answer() function, enabling unauthenticated attackers to update answers to ques...