|Category:||Web application abuses|
|Title:||WordPress Real-Time Find and Replace Plugin < 4.0.2 CSRF Vulnerability|
|Summary:||The WordPress plugin Real-Time Find and Replace is prone to; a cross-site request forgery (CSRF) vulnerability.|
The WordPress plugin Real-Time Find and Replace is prone to
a cross-site request forgery (CSRF) vulnerability.
The far_options_page function does not do any nonce verification,
allowing for requests to be forged on behalf of an administrator. The find and replace rules
Successful exploitation would allow an attacker to
perform actions in the context of an administrator.
WordPress Real-Time Find and Replace plugin through version 4.0.1.
Update to version 4.0.2.
Common Vulnerability Exposure (CVE) ID: CVE-2020-13641|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.