Please update changelog
-
Changelog for 5.2.0 says: “Fixed slightly possible CSFR Bug”. It should tell CSRF security vulnerability has been fixed and include references (at least CVE identifier). Here is proof of concept: https://www.openwall.com/lists/oss-security/2013/05/16/8 for CVE-2013-2107. Other references:
– https://osvdb.org/93452
– https://github.com/wpscanteam/wpscan/issues/188
– https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2107 (will be updated)
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Please update changelog’ is closed to new replies.
