Description
Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2006-0283 Vulnerability (CVE-2006-0283)
WordPress Plugin demon image annotation Cross-Site Request Forgery (4.7)
WordPress Plugin Master Slider-Responsive Touch Slider Cross-Site Scripting (2.7.1)
WordPress Plugin Print-O-Matic Cross-Site Scripting (2.1.7)
WordPress Plugin Viper's Video Quicktags Unspecified Vulnerability (6.4.4)