CVE-2019-6027
HIGH WAF: Low
CVSS 8.8
Published: 2019-12-26
CWE-352
Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
WAF Coverage Analysis
Cross-Site Request Forgery (CSRF)
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| wpspellcheck | wpspellcheck | up to 7.1.9 |
References
- jvn.jp (Third Party Advisory)
- wordpress.org (Product, Release Notes, Vendor Advisory)