Description
WordPress Plugin GA Universal is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin GA Universal version 1.0 is vulnerable.
Remediation
Update to plugin version 1.0.1 or latest
References
Related Vulnerabilities
Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-14995)
Apache Tomcat Improper Authentication Vulnerability (CVE-2011-5063)
WordPress Plugin Bricks Remote Code Execution (1.9.6)
WordPress Plugin Backup Migration Cross-Site Scripting (1.1.5)
WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery (2.7.0)