WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. cross-site request forgery vulnerability exists in versions prior to 1.6 of the QR Redirector plugin for WordPress, which stems from the QR_save_bulk AJAX operation when saving Batch QR Redirector settings are not checked for CSRF. An attacker could exploit this vulnerability to change the response status code of any QR redirect.