Description
Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via a dashboard_incoming_links edit action.
Remediation
References
Related Vulnerabilities
WordPress Plugin Thrive Quiz Builder Security Bypass (2.3.9.3)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20405)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.2.7)
Squid Improper Input Validation Vulnerability (CVE-2019-12520)
WordPress Plugin easyping-website subscriptions done right PHP Object Injection (0.0.1)