Description
Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to delete permalinks via a crafted request.
Remediation
References
Related Vulnerabilities
WordPress Plugin ALO EasyMail Newsletter Multiple Vulnerabilities (2.6.00)
WordPress Plugin Product Catalog Arbitrary File Upload (3.1.1)
WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)
WordPress Plugin Shop Page WP Cross-Site Scripting (1.2.7)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)