Bootstrap — CWE-352

The 5280 Bootstrap Modal Contact Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in class-sbmm-list-table.php. This makes it possible for unauthenticated attackers to bulk delete mes…

Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.