Lucene search
N/APATCHSTACK:EB18EFFDE8A64BF7FD8416CB9970F8FEHistoryJan 08, 2015 - 12:00 a.m.
WordPress Banner Effect Header Plugin <= 1.2.6 - Multiple Vulnerabilities
2015-01-0800:00:00
N/A
patchstack.com
7
0.004 Low
EPSS
Percentile
74.3%
A cross site request forgery and cross site scripting are in this plugin. Because of these vulnerabilities, the attackers can hijack the authentication of administrators for requests that conduct cross-site scripting attacks via the “banner_effect_email” parameter, that is in the BannerEffectOptions page to wp-admin/options-general.php.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| banner effect header | le | 1.2.6 |
Related
cve
cve
CVE-2015-0920
2015-01-08 15:59:08
wpvulndb
wpvulndb
Banner Effect Header 1.2.6 - XSS & CSRF
2015-01-12 16:02:55
prion
prion
Cross site request forgery (csrf)
2015-01-08 15:59:00
nvd
nvd
CVE-2015-0920
2015-01-08 15:59:08
cvelist
cvelist
CVE-2015-0920
2015-01-08 15:00:00