Lucene search

K
cvelistMitreCVELIST:CVE-2014-5205
HistoryAug 18, 2014 - 10:00 a.m.

CVE-2014-5205

2014-08-1810:00:00
mitre
www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%

wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack.

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.6%