Searchenginejournal.com

WP Statistics WordPress Plugin Patches CSRF Vulnerability

The United States Government National Vulnerability Database (NVD) published an advisory about a vulnerability discovered in the WP Statistics WordPress plugin that affects up to 600,000 active ...
Searchenginejournal.com

Inspiro WordPress Theme Vulnerability Affects Over 70,000 Sites

A vulnerability advisory was published for the Inspiro WordPress theme by WPZoom. The vulnerability arises due to a missing or incorrect security validation that enables an unauthenticated attacker to ...
Dark Reading

IBM Adds CSRF Scanning to Watchfire Tool

IBM today will release a new version of the Watchfire AppScan vulnerability scanning tool that can test for the pervasive cross-site request forgery (CSRF) vulnerability found in many Web applications ...
Dark Reading

What's Bugging the NSA? A Vuln in Its 'SkillTree' Training Platform

The National Security Agency (NSA) has patched a cross-site request forgery (CSRF) vulnerability in its open source employee training platform known as SkillTree, showcasing how difficult this class ...
CSOonline

Cisco patches serious flaws in Expressway and ClamAV

Cisco has fixed three serious cross-site request forgery (CSRF) vulnerabilities in its Expressway Series collaboration gateway and a denial-of-service (DoS) flaw in the ClamAV anti-malware engine.
InfoWorld

Serious bug in widely used Java app library patched

The CSRF-style bug in Java Spring Social core library affected websites that allowed users to log in with credentials from LinkedIn, Twitter, GitHub, and Facebook, among others A serious cross-site ...