WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site request forgery vulnerability exists in versions of the WordPress Support Board plugin prior to 3.3.6, which stems from the plugin not having any CSRF checking operations handled by the included ajax.php file. An attacker could exploit this vulnerability to administrator users.