Hackers have found a way to take control of a website’s administrator account in versions of WordPress 2.0.11 and earlier. This would allow them to move comments to the moderation list without the administrator’s permission. This type of attack is called Cross-site Request Forgery (CSRF) vulnerability.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
