CVE-2016-10885by Jeremyin Security Bulletinson Posted on August 14, 2019 The wp-editor plugin before 1.2.6 for WordPress has CSRF.