The WordPress plugin “bbPress Members Only” was recently found to be vulnerable to CSRF (Cross-Site Request Forgery) attacks. This affects versions before 1.2.1. CSRF attacks are a type of attack that forces an authenticated user to perform an action on a web application that they did not intend to do. Generally, this may happen with some form of social engineering (such as phishing) where the authenticated user clicks a link that ultimately sends a request on that user’s behalf. Depending on the web application, successful CSRF attacks can be used to do anything that the user can, including the creation of a new account or privilege escalation for the attacker.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.