Description
Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.
Remediation
References
Related Vulnerabilities
WordPress 3.7.x Arbitrary File Deletion Vulnerability (3.7 - 3.7.26)
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-43293)
WordPress Plugin Cookie Notice & Compliance for GDPR/CCPA Cross-Site Scripting (2.1.1)
PrestaShop Incorrect Authorization Vulnerability (CVE-2020-5279)
WordPress Plugin Online Hotel Booking System Pro SQL Injection (1.0)