Description phpMyFAQ before 2.9.11 allows CSRF. Remediation References CVE-2018-16650 Related Vulnerabilities MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409) WordPress Plugin Abstract Submission Local File Inclusion (0.6) WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2014-6412) MySQL CVE-2021-2007 Vulnerability (CVE-2021-2007) WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (4.2.152) Severity High Classification CVE-2018-16650 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities