Cross Site Request Forgery (CSRF)

  • Resolved Peter

    (@hardpeter4u)


    12 months ago

    Hi,

    I have a couple of warnings on my site about:

    Cross Site Request Forgery (CSRF) <=2.2.5 and Content Injection <=2.2.5

    I’m sure you’re probably aware, but thought I’d mention it.

    Thanks again,

    Peter

Viewing 2 replies - 1 through 2 (of 2 total)
  • verysiberian

    (@verysiberian)

    Yes, unfortunately, I have the same warnings. The MalCare plugin reports the following:

    We have detected vulnerabilities on your site(s). These vulnerabilities can be exploited by a hacker to wreck havoc on your websites.

    Vulernable plugins: wpForo (2.2.5)

    It is advised that you immediately act on this. We recommend that you :
    1) Update the Vulnerable plugin/theme.
    2) Delete the Vulnerable plugin/theme if it is not being used.

    • This reply was modified 12 months ago by verysiberian. Reason: Removed accidental HTML markup
    Plugin Author gVectors Team

    (@gvectors-team)

    Hi @hardpeter4u and @verysiberian,

    Please update to 2.2.6 version.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Cross Site Request Forgery (CSRF)’ is closed to new replies.