Description
WordPress Plugin Twitter LiveBlog is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Twitter LiveBlog version 1.1.2 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that CSRF protection is implemented with a nonce-like mechanism, or disable the plugin until a fix is available.
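One way to apply the nonce-based fix in a WordPress plugin settings handler, shown as an added example that is not the Twitter LiveBlog plugin's own code. The `tlb_*` function, option, action and field names are hypothetical; the WordPress API calls are the standard ones.

```php
<?php
// Added example: every tlb_* / TLB_* name is hypothetical, not taken from the plugin.
const TLB_ACTION = 'tlb_save_settings'; // nonce action, also used as the admin-post action
const TLB_NONCE  = 'tlb_nonce';         // name of the hidden nonce field

// Render the settings form with a nonce bound to the current user and this action.
function tlb_render_settings_form() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="<?php echo esc_attr( TLB_ACTION ); ?>">
        <?php wp_nonce_field( TLB_ACTION, TLB_NONCE ); ?>
        <input type="text" name="tlb_hashtag"
               value="<?php echo esc_attr( get_option( 'tlb_hashtag', '' ) ); ?>">
        <?php submit_button(); ?>
    </form>
    <?php
}

// Process the submission only if the nonce and the capability both check out.
function tlb_handle_settings_save() {
    // Terminates the request when the nonce is missing, expired or invalid,
    // which is what blocks a forged cross-site POST.
    check_admin_referer( TLB_ACTION, TLB_NONCE );

    // A nonce is not an authorization check; verify the capability separately.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    $hashtag = isset( $_POST['tlb_hashtag'] )
        ? sanitize_text_field( wp_unslash( $_POST['tlb_hashtag'] ) )
        : '';
    update_option( 'tlb_hashtag', $hashtag );

    wp_safe_redirect( admin_url( 'options-general.php?page=tlb-settings' ) );
    exit;
}
add_action( 'admin_post_' . TLB_ACTION, 'tlb_handle_settings_save' );
```

State-changing actions triggered through GET links need the same treatment, using `wp_nonce_url()` to build the link and `check_admin_referer()` in the handler.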