Description
WordPress Plugin Dean's Permalinks Migration is prone to a vulnerability which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to the application allowing users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. conduct script insertion attacks against the PermalinksMigration page. WordPress Plugin Dean's Permalinks Migration version 1.0 is vulnerable; other versions may also be affected.
Remediation
Do not browse untrusted websites while logged on to WordPress
References
Related Vulnerabilities
Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156)
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.26)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26071)
WordPress Plugin Live Chat Unlimited Cross-Site Scripting (2.8.3)
WordPress Plugin WP-Lytebox 'pg' Parameter Local File Inclusion (1.3)