Description In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary. Remediation References CVE-2017-15729 Related Vulnerabilities WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Scripting (8.2.2) WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.83) Squid Out-of-bounds Read Vulnerability (CVE-2022-41318) Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-1904) Oracle JRE CVE-2013-5823 Vulnerability (CVE-2013-5823) Severity High Classification CVE-2017-15729 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities