Description
Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
Remediation
References
Related Vulnerabilities
Prototype CVE-2020-27511 Vulnerability (CVE-2020-27511)
WordPress Plugin Link Juice Keeper Cross-Site Scripting (2.0.2)
WordPress Plugin Woocommerce Category Banner Management Security Bypass (1.1.1)
WordPress Plugin WORDPRESS VIDEO GALLERY Multiple Vulnerabilities (2.3.1)
WordPress Plugin WPMK Ajax Finder Cross-Site Request Forgery (1.0.1)