Description
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.
Remediation
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2019-9021)
WordPress Plugin Advanced Custom Fields (ACF) Arbitrary File Upload (5.12.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2642)
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.3.18.727)
Joomla Improper Access Control Vulnerability (CVE-2016-9838)