CVE-2016-10962

The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
Source: NIST
CVE-2016-10962