Important: Bypass of CSRF prevention filter CVE-2012-4431
The CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request.
Affected Apache Tomcat versions (7.0.0 - 7.0.31).
- Upgrade to the latest version of Apache Tomcat.
- WordPress 4.1.x Possible SQL Injection Vulnerability (4.1 - 4.1.19)
- WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.15)
- WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Cross-Site Request Forgery (1.5.24)
- WordPress Plugin BBS e-Franchise SQL Injection (1.1.1)
- WordPress Plugin user files Arbitrary File Upload (2.4.2)