Description
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.
Remediation
References
Related Vulnerabilities
WordPress Plugin InfiniteWP Client Unspecified Vulnerability (1.3.14)
SharePoint CVE-2020-1338 Vulnerability (CVE-2020-1338)
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65)
WordPress Plugin Acurax On Click Pop Under Multiple Unspecified Vulnerabilities (2.2.1)
Mailman Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4624)