CVE-2014-9394
CVE-2014-9394 concerns the WordPress PWGRandom plugin (version ≤ 1.11). The connected documents describe multiple CSRF vulnerabilities that enable an attacker to hijack an administrator’s authentication for requests that execute cross-site scripting (XSS) via parameters pwgrandom_title and pwgran...