2 matches found
CVE-2013-2706
Cross-site request forgery CSRF vulnerability in the Stream Video Player plugin 1.4.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors...
CVE-2013-2706
The CVE refers to a CSRF vulnerability in the Stream Video Player plugin for WordPress, version 1.4.0 and earlier. The underlying issue allows an attacker to hijack an administrator’s authenticated session to submit requests that alter plugin settings via unspecified vectors. Documented impact is...