Description
Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Job Manager Cross-Site Scripting (0.7.24)
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)
Oracle Database Server Other Vulnerability (CVE-2005-3445)
WordPress Plugin Gravity Forms Cross-Site Scripting (1.9.15.11)
WordPress Plugin Users to CSV Cross-Site Request Forgery (1.4.5)