2 matches found
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5196. Reason: This candidate is a reservation duplicate of CVE-2014-5196. Notes: All CVE users should reference CVE-2014-5196 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2014-5196
The CVE-2014-5196 entry details a CSRF vulnerability in the WordPress plugin Improved User Search in Backend (backend) prior to version 1.2.5. The flaw resides in the iusib_meta_fields parameter, enabling remote attackers to hijack administrator authentication by injecting XSS sequences. Affected...