First published: Wed Sep 25 2019(Updated: )
The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Kibokolabs Watupro | <4.9.0.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2015-9418.
The title of the vulnerability is 'CSRF in Watu Pro plugin allows an attacker to delete quizzes'.
The severity of CVE-2015-9418 is medium with a severity value of 4.3.
The CSRF vulnerability in Watu Pro plugin allows an attacker to send unauthorized requests on behalf of a user, leading to the deletion of quizzes.
To fix the CSRF vulnerability in Watu Pro plugin, update to version 4.9.0.8 or newer.