CVE-2014-9437

🗓️ 02 Jan 2015 19:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 38 Views🌐 WEB

Multiple CSRF vulnerabilities in Sliding Social Icons plugin 1.61 for WordPres

Reporter	Title	Published	Views	Family All 7
CNVD	WordPress Plugin Sliding Social Icons Has Multiple Cross-Site Request Forgery Vulnerabilities	8 Jan 201500:00	–	cnvd
Cvelist	CVE-2014-9437	2 Jan 201519:00	–	cvelist
EUVD	EUVD-2014-9258	7 Oct 202500:30	–	euvd
NVD	CVE-2014-9437	2 Jan 201519:59	–	nvd
Patchstack	WordPress Sliding Social Icons Plugin <= 1.61 - Multiple CSRF and XSS	2 Jan 201500:00	–	patchstack
Prion	Cross site request forgery (csrf)	2 Jan 201519:59	–	prion
WPVulnDB	Sliding Social Icons <= 1.61 - CSRF & Stored XSS	15 Dec 201400:00	–	wpvulndb

NVD

Node

sliding_social_icons_project sliding_social_iconsMatch1.61wordpress

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/129509
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/99510

Parameter	Position	Path	Description	CWE
action	query param	wp-admin/admin.php	CSRF vulnerability enabling changing plugin settings via the wpbs_save_settings action	CWE-352
wpbs_save_settings	query param	wp-admin/admin.php	CSRF vulnerability enabling changing plugin settings via the wpbs_save_settings action	CWE-352
sc_social_slider_margin	query param	wp-admin/admin.php	CSRF/XSS vulnerability with sc_social_slider_margin parameter in the wpbs_save_settings action	CWE-352
action	query param	wp-admin/admin.php	CSRF/XSS vulnerability with sc_social_slider_margin parameter in the wpbs_save_settings action	CWE-352
wpbs_save_settings	query param	wp-admin/admin.php	CSRF/XSS vulnerability with sc_social_slider_margin parameter in the wpbs_save_settings action	CWE-352

17 Jun 2026 00:18Current

6.8Medium risk

Vulners AI Score6.8

CVSS 26.8

EPSS0.01015

cve-2014-9437 csrf cross-site request forgery plugin vulnerabilities wordpress remote attackers authentication hijacking xss cross-site scripting