Vulnerability scan picked up a Cross-Site Request Forgery Description

  • Resolved jeremytlarsen

    (@jeremytlarsen)


    4 years, 9 months ago

    A vulnerability scan of the website picked up a Cross-Site Request Forgery Description vulnerability, regarding this URL in particular:

    /my-profile/nessuswas/?was=

    “nessuswas” is the account used by the scanner.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Ultimate Member Support

    (@ultimatemembersupport)

    Hi @jeremytlarsen,

    Can you please clarify what “vulnerability scanner” do you use and what version of the Ultimate member you have installed?
    I don’t see the Ultimate member profile layout on the link you’ve provided.
    Do you have other membership plugins installed on your website?

    Regards.

    Plugin Contributor Champ Camba

    (@champsupertramp)

    Hey there!

    This thread has been inactive for a while so we’re going to go ahead and mark it Resolved.

    Please feel free to re-open this thread if any other questions come up and we’d be happy to help. ??

    Regards,

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Vulnerability scan picked up a Cross-Site Request Forgery Description’ is closed to new replies.