Description
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Directory Traversal (4.8 - 4.8.24)
Oracle Database Server CVE-2006-1876 Vulnerability (CVE-2006-1876)
Ruby Improper Input Validation Vulnerability (CVE-2008-3657)
Oracle Database Server CVE-2011-0830 Vulnerability (CVE-2011-0830)
WordPress Plugin Custom css-js-php Cross-Site Request Forgery (2.0.7)