WordPress Plugin Vulnerabilities
Multiple Plugins - CSRF Bypass
Description
Multiple plugins are affected by CSRF issues due to a logic flaw in their CSRF checks, which could allow attackers to make users perform unwanted actions
rucy <= 0.4.4
wp-backgrounds-lite <= 2.3
wp-security-questions <= 1.0.5
photo-contest <= 1.0.6
opal-estate <= 1.6.11
rays-grid <= 1.2.2
Affects Plugins
No known fix
No known fix
No known fix 
Fixed in 4.10.14
No known fix
No known fix
Fixed in 3.3.2
Fixed in 1.2.3
Fixed in 2.5.7.3 References
Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Jerome Bruandet (nintechnet)
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-08-16 (about 2 years ago)
Added
2021-08-16 (about 2 years ago)
Last Updated
2023-07-12 (about 10 months ago)
WPScan 