Vulnerability Details: Cross-Site Request Forgery (CSRF)/Settings Change in Cache-Control
The changelog for the latest version of Cache-Control is “Improved security.” Looking at the changes made we found that it fixed a cross-site request forgery (CSRF)/settings change vulnerability, though also breaks access to the admin area of WordPress.
…