WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. cross-site request forgery vulnerability exists in versions of the Accept Donations with PayPal plugin for WordPress prior to 1.3.4. The vulnerability stems from the plugin’s lack of CSRF checks and its inability to ensure that posts to be deleted belong to the plugin, which can be exploited by attackers to Login administrator to delete arbitrary posts from the blog.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress accept donations with paypal plugin | lt | 1.3.4 |