Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
Remediation
References
Related Vulnerabilities
WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)
WordPress Plugin Smash Balloon Social Post Feed Cross-Site Scripting (2.19.1)
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.3)
WordPress Plugin BackupBuddy Information Disclosure (2.2.28)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Cross-Site Request Forgery (1.1.90)