Lucene search
MitreCVELIST:CVE-2014-4163HistoryOct 03, 2022 - 4:20 p.m.
CVE-2014-4163
2022-10-0316:20:46
mitre
www.cve.org
2
cve-2014-4163
cross-site request forgery
wordpress
featured comments
authentication hijacking
administrators
wp-admin/admin-ajax.php
Multiple cross-site request forgery (CSRF) vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the (1) buried or (2) featured status of a comment via a request to wp-admin/admin-ajax.php.
References
Related
cve
cve
CVE-2014-4163
2022-10-03 16:20:46
patchstack
patchstack
WordPress Featured Comments Plugin - Cross Site Request Forgery
2014-06-10 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-06-16 18:55:00
nvd
nvd
CVE-2014-4163
2014-06-16 18:55:09
wpvulndb
wpvulndb