Notifications
Clear all
Dec 06, 2023 7:26 pm
Hi
Defender Pro security plugin is continually picking this up over the last few updates:
#WordPress wpForo plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) on Sign-out vulnerability
-Vulnerability type: Cross Site Request Forgery (CSRF)
Anything to worry about?
4 Replies
Dec 06, 2023 7:51 pm
Real issue or not, if you have
Ninja Fireall for Wordpress, correctly configured
https://wordpress.org/plugins/ninjafirewall/
there is nothing to worry about. BE PROACTIVE.
Dec 06, 2023 7:56 pm
Translate
▼
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
I have server-side WAF as well as the Defender Pro firewall.
I think another might be overkill!
Dec 06, 2023 9:20 pm
This is a false positive report. This issue has been fixed in 2.2.3 version, however the problem report don't response to our emails and don't remove it. So this is a outdated wrong information.
Dec 06, 2023 9:26 pm
Translate
▼
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian