2 matches found
CVE-2014-9393
Multiple cross-site request forgery CSRF vulnerabilities in the Post to Twitter plugin 0.7 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 idptttwitterusername or 2 idptttweetprefi...
CVE-2014-9393
The CVE-2014-9393 entry concerns the WordPress Post to Twitter plugin (version 0.7 and earlier). Affected component: the plugin’s admin options page handling (wp-admin/options-general.php) where CSRF allows an attacker to hijack administrator authentication and trigger XSS via parameters idptt_tw...