Description There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request. Remediation References CVE-2017-8101 Related Vulnerabilities WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.1.14) PHP-Fusion Authentication Bypass by Capture-replay Vulnerability (CVE-2020-23178) WordPress Plugin Daily Prayer Time SQL Injection (2022.02.28) WordPress Plugin Gift Vouchers (Gift Cards and Packages) (WooCommerce Supported) SQL Injection (1.0.5) MySQL CVE-2018-2762 Vulnerability (CVE-2018-2762) Severity High Classification CVE-2017-8101 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities