2 matches found
CVE-2014-3907
Cross-site request forgery CSRF vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users...
CVE-2014-3907
CVE-2014-3907 concerns a cross-site request forgery (CSRF) vulnerability in the WordPress plugin MailPoet Newsletters (wysija-newsletters) up to version 2.6.10. The root cause is CSRF that enables an attacker to hijack the authentication of arbitrary users when they view a malicious page while lo...