WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Latest Tweets Widget 1.1.4 and earlier versions are vulnerable to cross-site request forgery, which stems from a CSRF check not being performed when updating its settings. An attacker could exploit the vulnerability to allow it to allow logged-in administrators to change them via a CSRF attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress latest tweets widget plugin | lt | 1.1.4 |