- A vulnerability in the way SSL and TLS protocols allow renegotiation requests may allow an attacker to inject plaintext into an application protocol stream. This could result in a situation where the attacker may be able to issue commands to the server that appear to be coming from a legitimate source. This issue affects SSL version 3.0 and TLS version 1.0.
- Users should contact vendors for specific patch information.
- WordPress Plugin WP REST API (WP API) Cross-Site Request Forgery (1.1)
- WordPress Plugin Lightbox Photo Gallery Cross-Site Request Forgery (1.0)
- WordPress Plugin WooCommerce Checkout For Digital Goods Cross-Site Request Forgery (2.2)
- WordPress Plugin Google Analyticator Cross-Site Request Forgery (126.96.36.199)
- WordPress Plugin Ready! Ecommerce Shopping Cart Multiple Cross-Site Request Forgery Vulnerabilities (0.5.0)