WordPress · Wp Security Audit Log · CVE-2014-5072
**Name of the Vulnerable Software and Affected Versions**
WP Security Audit Log plugin versions prior to 1.2.5
**Description**
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of victims. The exact vectors used for the attack are not specified.
**Recommendations**
For WP Security Audit Log plugin versions prior to 1.2.5, update to version 1.2.5 or later to resolve the issue.