Ashiyane Discover XSS/CSRF WordPress Bug
![](https://irancybernews.org/wp-content/uploads/2019/05/images-cms-image-000000263.jpg)
Iranian security team Ashiyane Digital Security Team have discover XSS/CSRF -Cross Site Scripting/Cross Site Request Forgery- vulnerability in WordPress:
WordPress Avenir-Soft Direct Download Plug-in XSS/CSRF
Bug is discover by Ashiyane member Mahdi.Hidden
Full details is here