Description
Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP e-Commerce Shop Styling Local File Inclusion (2.9.1)
WordPress Plugin Import any XML or CSV File to WordPress Pro Multiple Vulnerabilities (4.1.1)
MySQL CVE-2015-4819 Vulnerability (CVE-2015-4819)
TYPO3 Use of Insufficiently Random Values Vulnerability (CVE-2010-3666)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Request Forgery (1.18.0)