Description
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sign-up Sheets Cross-Site Scripting (1.0.13)
WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.0.2)
WordPress Plugin LearnPress-WordPress LMS Multiple Cross-Site Scripting Vulnerabilities (4.1.3)
PHP Resource Management Errors Vulnerability (CVE-2007-4660)
WordPress Plugin Conditional Marketing Mailer for WooCommerce Security Bypass (1.5.1)