Becoming a master in WordPress security takes time and effort. There are plenty of exploits and hacks that you need to be familiar with to make sure your site is protected as much as possible. CSRF is one of those exploits. Cross-site request forgery is a tactic in which the attacker uses the trust a site has in a browser to do damage. Not all sites are protected against this type of attack (especially those running older versions of WordPress). But thanks to these 4 anti-CSRF plugins, you can keep your site protected against these types of attacks:
Anti CSRF: protects your website from badly programmed plugins which are susceptible to CSRF attacks.
BulletProof Security: one of the best security plugins for WordPress. It protects your website against XSS, RFI, CRLF, CSRF, and code injection.
6Scan Security: I found this plugin a few months ago. It has the potential to be a superb security plugin for WordPress. It automatically scans and protects you against SQL Injection, XSS, CSRF, and many other threats.
WP-Sentinel: a security plugin that checks every HTTP request to block attacks such as remote file inclusions, cross site request forgery, login brute-forcing, and other hacks.
Should you be worried about CSRF? Just remember that no code is perfect. I have seen great developers make simple mistakes when shipping their codes. Why take any chances when you can protect your site against these types of hack attacks with the above plugins.