Description
Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls.
Remediation
References
Related Vulnerabilities
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.22)
WordPress Plugin GTM4WP Cross-Site Scripting (1.9)
WordPress Plugin Simple Login Log Multiple Vulnerabilities (0.9.3)
WordPress Plugin Wp-D3 Cross-Site Request Forgery (2.4)
WordPress Plugin Gmail SMTP Arbitrary File Disclosure (1.1.0)