I am running a wordpress site for my client. My client had run the security test (using W3AF) on the website and the report is saying that there are CSRF found in the website for jquery.js and jquery.migrate.min.js. (Those files are included by wordpress)
The report is saying as below:
Cross Site Request Forgery has been found at: http://foo.com/wp-includes/js/jquery/jquery.js. This vulnerability was found in the request with id 397.
Cross Site Request Forgery has been found at: http://foo.com/wp-includes/js/jquery/jquery.form.min.js. This vulnerability was found in the request with id 406
It is showing in style.css also.
Please guide me with any solution for this.
