Lucene search

K
cvelistMitreCVELIST:CVE-2014-9396
HistoryDec 31, 2014 - 9:00 p.m.

CVE-2014-9396

2014-12-3121:00:00
mitre
www.cve.org
2

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

52.4%

Multiple cross-site request forgery (CSRF) vulnerabilities in the SimpleFlickr plugin 3.0.3 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleflickr_width, (2) simpleflickr_bgcolor, or (3) simpleflickr_xmldatapath parameter in the simpleFlickr.php page to wp-admin/options-general.php.

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

52.4%

Related for CVELIST:CVE-2014-9396