Cross site request forgery (csrf)
WordPress 2.6.3 relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier for remote attackers to conduct delayed and persistent cross-site request forgery CSRF attacks via crafted cookies, as demonstrated by attacks that 1 delete user accounts or 2 cause a...