Description
In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2018-2893 Vulnerability (CVE-2018-2893)
MySQL CVE-2020-14559 Vulnerability (CVE-2020-14559)
Joomla! Core 1.0.x Multiple Cross-Site Scripting Vulnerabilities (1.0.0 - 1.0.12)
XOOPS Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4851)
Internet Information Services Other Vulnerability (CVE-2000-0025)