Lucene search
K

4 matches found

securityvulns
securityvulns
added 2014/05/04 12:0 a.m.75 views

Сross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin

Advisory ID: HTB23206 Product: XCloner Wordpress plugin Vendor: XCloner Vulnerable Versions: 3.1.0 and probably prior Tested Version: 3.1.0 Advisory Publication: March 12, 2014 without technical details Vendor Notification: March 12, 2014 Vendor Patch: March 13, 2014 Public Disclosure: April 2,...

6.8CVSS7.3AI score0.02851EPSS
Exploits5
NVD
NVD
added 2014/04/03 4:15 p.m.39 views

CVE-2014-2340

Cross-site request forgery CSRF vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php...

6.8CVSS6.9AI score0.02851EPSS
Exploits5References6
Cvelist
Cvelist
added 2014/04/03 3:0 p.m.43 views

CVE-2014-2340

Cross-site request forgery CSRF vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php...

6.9AI score0.02851EPSS
Exploits5References6
CVE
CVE
added 2014/04/03 3:0 p.m.61 views

CVE-2014-2340

The CVE-2014-2340 vulnerability affects the XCloner WordPress plugin (pre-3.1.1). It is a Cross-Site Request Forgery (CSRF) flaw that lets an attacker hijack an administrator’s session to trigger backup creation via wp-admin/plugins.php. Root cause is insufficient verification of request origin c...

6.8CVSS7AI score0.02851EPSS
Exploits5References6Affected Software1
Rows per page
Query Builder