2 matches found
CVE-2014-9395
Multiple cross-site request forgery CSRF vulnerabilities in the Simplelife plugin 1.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 simplehoverback, 2 simplehovertext, 3...
CVE-2014-9395
CVE-2014-9395 affects the WordPress Simplelife plugin (versions 1.2 and earlier). The vulnerability set comprises multiple CSRF flaws that allow remote attackers to hijack administrator authentication for requests that trigger XSS via parameters in simplelife.php (notably simplehoverback, simpleh...