Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2014-4717
HistoryOct 03, 2022 - 4:20 p.m.

CVE-2014-4717

2022-10-0316:20:46
mitre
www.cve.org
cross-site request forgery
csrf
simple share buttons adder
wordpress
remote attackers
authentication
administrators
cross-site scripting
xss
pages
posts
category/archive pages
post excerpts

6.6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba_share_text parameter in a save action to wp-admin/options-general.php, which is not properly handled in the homepage, and unspecified vectors related to (2) Pages, (3) Posts, (4) Category/Archive pages or (5) post Excerpts.

Related

wpvulndb 1
cve 1
nvd 1
prion 1
patchstack 1
wpvulndb
wpvulndb
Simple Share Buttons Adder 4.4 - options-general.php Multiple Admin Actions CSRF
2014-06-26 00:00:00
cve
cve
CVE-2014-4717
2022-10-03 16:20:46
nvd
nvd
CVE-2014-4717
2014-07-03 14:55:09
prion
prion
Cross site request forgery (csrf)
2014-07-03 14:55:00
patchstack
patchstack
WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities
2014-06-27 00:00:00

6.6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON
Related for CVELIST:CVE-2014-4717
wpvulndb1cve1nvd1prion1patchstack1