4 matches found
Сross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin
Advisory ID: HTB23206 Product: XCloner Wordpress plugin Vendor: XCloner Vulnerable Versions: 3.1.0 and probably prior Tested Version: 3.1.0 Advisory Publication: March 12, 2014 without technical details Vendor Notification: March 12, 2014 Vendor Patch: March 13, 2014 Public Disclosure: April 2,...
CVE-2014-2340
Cross-site request forgery CSRF vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php...
CVE-2014-2340
Cross-site request forgery CSRF vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php...
CVE-2014-2340
The CVE-2014-2340 vulnerability affects the XCloner WordPress plugin (pre-3.1.1). It is a Cross-Site Request Forgery (CSRF) flaw that lets an attacker hijack an administrator’s session to trigger backup creation via wp-admin/plugins.php. Root cause is insufficient verification of request origin c...