Description In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary. Remediation References CVE-2017-15729 Related Vulnerabilities WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.2.0) Joomla! Core Arbitrary File Upload (2.5.0 - 3.8.7) WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16218) WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.13) WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2203) Severity High Classification CVE-2017-15729 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities