Lucene search
N/APATCHSTACK:4E04A2CCD3A656A3FF4FB794232D3BC0HistoryAug 19, 2014 - 12:00 a.m.
WordPress Disqus Comment System Plugin <= 2.77 - Multiple CSRF
2014-08-1900:00:00
N/A
patchstack.com
4
0.001 Low
EPSS
Percentile
50.1%
Because of these vulnerabilities, the attackers can hijack the authentication of administrators for requests that activate or deactivate the plugin via the “active” parameter to wp-admin/edit-comments.php.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| disqus comment system | le | 2.77 |
Related
cve
cve
CVE-2014-5346
2022-10-03 16:20:43
wpvulndb
wpvulndb
Disqus <= 2.77 - Cross-Site Request Forgery (CSRF)
2014-09-17 17:07:36
prion
prion
Cross site request forgery (csrf)
2014-08-19 19:55:00
cvelist
cvelist
CVE-2014-5346
2022-10-03 16:20:43
nvd
nvd
CVE-2014-5346
2014-08-19 19:55:04