Description
The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an e-mail message, related to a "login CSRF" issue.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2022-21262 Vulnerability (CVE-2022-21262)
WordPress Plugin FPW Category Thumbnails Multiple Unspecified Vulnerabilities (1.6.7)
WordPress Plugin Better WordPress reCAPTCHA (with no CAPTCHA reCAPTCHA) Cross-Site Scripting (2.0.3)
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.8.8)