CSRF Security Vulnerability | WordPress.org

daniel.vos
(@danielvos)

4 months, 2 weeks ago

I’ve received a notice from Solid Security that this plugin is vulnerable to a CSRF attack:

Any ETA on a fix for this?

The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author macbookandrew
(@macbookandrew)

4 months, 2 weeks ago

@danielvos thanks for letting me know; this is the first I’d heard of it. I don’t have an ETA yet; will need to get specific details from Patchstack first.

WFRM IT Staff
(@wfrmitstaff)

3 months ago

Hi, any news about security issue reported by Patchstack at https://patchstack.com/database/wordpress/plugin/wp-youtube-live/vulnerability/wordpress-wp-youtube-live-plugin-1-10-0-cross-site-request-forgery-csrf-vulnerability ?

The issue was originally reported by “Mika” https://patchstack.com/database/researcher/5ade6efe-f495-4836-906d-3de30c24edad, maybe you can contact him to get more details.

Or you can try co contact Darius Sveikauskas (Patchstack):
https://wordpress.org/support/users/darius_fx/

Thanks in advance for your cooperation.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

3 replies
3 participants
Last reply from: WFRM IT Staff
Last activity: 3 months ago
Status: not resolved