Lucene search
PRIOn knowledge basePRION:CVE-2014-9335HistoryDec 19, 2014 - 3:59 p.m.
Cross site request forgery (csrf)
2014-12-1915:59:00
PRIOn knowledge base
www.prio-n.com
3
Multiple cross-site request forgery (CSRF) vulnerabilities in the DandyID Services plugin 1.5.9 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) email_address or (2) sidebarTitle parameter in the dandyid-services.php page to wp-admin/options-general.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dandyid_services | le | 1.5.9 |
Related
patchstack
patchstack
WordPress DandyID Services Plugin <= 1.5.9 - Multiple CSRF and XSS
2014-12-07 00:00:00
nvd
nvd
CVE-2014-9335
2014-12-19 15:59:19
packetstorm
packetstorm
WordPress DandyID Services ID 1.5.9 CSRF / XSS
2014-12-14 00:00:00
wpvulndb
wpvulndb
DandyID Services <= 1.5.9 - Multiple CSRF
2014-12-14 00:00:00
cve
cve
CVE-2014-9335
2014-12-19 15:59:19
cvelist
cvelist
CVE-2014-9335
2014-12-19 15:00:00