The Deny All Firewall plugin for WordPress (version 1.1.7 or earlier) was vulnerable to a type of cyber attack called Cross-Site Request Forgery (CSRF). This attack allowed attackers to make changes to the settings of the plugin without the user’s knowledge. The plugin has since been updated to address this issue.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
