CVE-2018-20967by Jeremyin Security Bulletinson Posted on August 14, 2019 The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.