The Gwolle Guestbook WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.
seclists.org/bugtraq/2017/Mar/4
sumofpwn.nl/advisory/2016/gwolle_guestbook_mass_action_vulnerable_for_cross_site_request_forgery.html