CVE-2018-20972

CVE-2018-20972

The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.

Source: CVE-2018-20972