Description
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gravity Forms Unspecified Vulnerability (2.4.17)
MySQL CVE-2023-22115 Vulnerability (CVE-2023-22115)
WordPress Plugin Integration for WooCommerce and QuickBooks Cross-Site Scripting (1.1.8)
IBM RTC Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-29701)
WordPress Plugin Remove WP Update Nags Security Bypass (1.3.0)