What the vulnerability does
01Description
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L
What the vulnerability does
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
Explanation of Vulnerability in Simple Terms
WP Migrate Lite versions up to 2.7.8 are vulnerable to cross-site request forgery (CSRF) attacks. An attacker can trick a site administrator into performing unintended actions by crafting a malicious link or page. The vulnerability requires user interaction and can disrupt site availability. Update to a version newer than 2.7.8 to resolve this issue.
What an attacker can do
Trick an admin into performing unintended actions on the site via a malicious link or page.
Potential impact on your site
An attacker can disrupt your site's availability by tricking you into unintended actions without your knowledge.
Conditions required to exploit
Site admin must visit a malicious page or click a crafted link while logged into WordPress.
Key dates
External resources
Related vulnerabilities