CVE-2014-5347

Disqus Comment System plugin for WordPress (versions before 2.76) is affected by CSRF vulnerabilities that can allow an attacker to hijack an administrator’s authenticated session and trigger XSS via parameters to wp-admin/edit-comments.php (disqus_replace, disqus_public_key, disqus_secret_key) o...