Description
There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Private Message Insecure Direct Object Reference (1.0.5)
Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
Oracle Application Server CVE-2007-3854 Vulnerability (CVE-2007-3854)
Oracle JRE CVE-2013-2461 Vulnerability (CVE-2013-2461)
WordPress Plugin Custom Login Redirect Cross-Site Request Forgery (1.0.0)