Cross Site Request Forgery (CSRF) vul still active | ww.wp.xz.cn

Resolved remotetohome
(@remotetohome)

8 months, 1 week ago

Hi. I enjoyed this plugin (thank you!) but had to disable it many months ago due to the vulnerability. Is there a plan to patch this in future releases?

https://patchstack.com/database/wordpress/plugin/disable-admin-notices/vulnerability/wordpress-disable-admin-notices-individually-plugin-1-3-5-cross-site-request-forgery-csrf-vulnerability?_a_id=431

Viewing 1 replies (of 1 total)

Plugin Support Stefan Cotitosu
(@stefancotitosu)

6 months, 2 weeks ago

Hi remotetohome,

Thank you for taking the time to report this issue and helping us keep the plugin secure. Our development team is working on a fix and will include it in the next release.

Best regards,

Viewing 1 replies (of 1 total)

The topic ‘Cross Site Request Forgery (CSRF) vul still active’ is closed to new replies.

1 reply
2 participants
Last reply from: Stefan Cotitosu
Last activity: 6 months, 2 weeks ago
Status: resolved