Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the "My Account" feature in PHPList Integration module 5 before 5.x-1.2 and 6 before 6.x-1.1 for Drupal allow remote attackers to hijack the authentication of arbitrary users via vectors related to (1) subscribing or (2) unsubscribing to mailing lists.
Remediation
References
Related Vulnerabilities
WordPress Plugin MapifyLite (by MapifyPro) Cross-Site Scripting (3.3)
WordPress Plugin Conduit Banner 'banner-index-field-id' Parameter Cross-Site Scripting (0.2)
MySQL CVE-2013-1552 Vulnerability (CVE-2013-1552)
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)
WordPress Plugin Download Manager Directory Traversal (3.2.54)