2020-12-29 17:46:23
mitre
PUBLISHED
The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF.