CVE-2019-12826
CVE-2019-12826 affects the WordPress Widget Logic plugin (widget_logic.php) prior to version 5.10.2. The vulnerability is a CSRF that allows remote attackers to inject and execute PHP code by crafting a malicious POST request, leveraging snippets stored in widgets that are eval’d to determine vis...