VYPR

Far Future Expiry Header

by WordPress

CVEs (1)

  • CVE-2021-24799MedNov 1, 2021
    risk 0.28cvss 4.3epss 0.00

    The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.