Description In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php. Remediation References CVE-2017-15732 Related Vulnerabilities WordPress CVE-2016-5837 Vulnerability (CVE-2016-5837) Moodle Improper Authentication Vulnerability (CVE-2022-0985) Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951) WordPress Plugin Testimonial-Best Testimonial Slider Cross-Site Scripting (2.1.6) WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.18) Severity High Classification CVE-2017-15732 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities