CVE-2015-9342

CVE-2015-9342 affects the WordPress plugin wp-rollback prior to version 1.2.3, with a cross-site scripting (XSS) vulnerability due to insufficient validation of client-side data. Some sources also indicate CSRF risk for older builds (

CVE-2015-9343

CVE-2015-9343 affects the WordPress wp-rollback plugin, where versions prior to 1.2.3 are vulnerable to CSRF due to insufficient verification that requests originate from a trusted user. Red Hat and CNVD entries explicitly state CSRF; other sources corroborate the same vulnerability in this plugi...