Description
WordPress Plugin DW Question & Answer is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently e.g. delete or edit answers. WordPress Plugin DW Question & Answer version 1.2.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.10 or latest
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2002-0564)
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379)
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)
WordPress Plugin G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2)
OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2019-1559)