WordPress DW Question & Answer plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Jerome Bruandet NinTechNet in WordPress DW Question & Answer plugin versions = 1.5.7. Solution 21st June 2021 - no fix available...

WordPress DW Question & Answer Plugin <= 1.4.2.2 - Stored XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...