Posted on

Deny All Firewall Plugin up to 1.1.6 on WordPress options-general.php cross site request forgery

A vulnerability classified as problematic has been found in Deny All Firewall Plugin up to 1.1.6 on WordPress (Firewall Software). Affected is an unknown part of the file wp-admin/options-general.php?page=daf_settings&daf_remove=true. Upgrading to version 1.1.7 eliminates this vulnerability.