Description
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP-RecentComments Information Disclosure (2.2.7)
WordPress Plugin Easy Career Openings Cross-Site Scripting (0.4)
PHP Other Vulnerability (CVE-2015-8880)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5624)
WordPress Plugin Filedownload Multiple Vulnerabilities (1.4)