WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions of the WordPress Post Snippets plugin prior to 3.1.4, which stems from the plugin’s lack of CSRF checks when importing files. An attacker could exploit this vulnerability to import arbitrary code snippets via the login administrator.