Cross site request forgery (csrf)

2013-04-2520:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.5%

JSON

Cross-site request forgery (CSRF) vulnerability in the All in One Webmaster plugin before 8.2.4 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CPENameOperatorVersion
all-in-on-webmasterle8.2.3
all-in-on-webmastereq7.7.7
all-in-on-webmastereq8.0.0
all-in-on-webmastereq8.1
all-in-on-webmastereq8.2
all-in-on-webmastereq8.2.1
all-in-on-webmastereq8.2.2

Name	Operator	Version
all-in-on-webmaster	le	8.2.3
all-in-on-webmaster	eq	7.7.7
all-in-on-webmaster	eq	8.0.0
all-in-on-webmaster	eq	8.1
all-in-on-webmaster	eq	8.2
all-in-on-webmaster	eq	8.2.1
all-in-on-webmaster	eq	8.2.2