2 matches found
CVE-2014-9441
Multiple cross-site request forgery CSRF vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct cross-site scripting XSS attacks via...
CVE-2014-9441
The CVE-2014-9441 entry concerns the WordPress Lightbox Photo Gallery 1.0 plugin, which is vulnerable to multiple CSRF (and associated XSS) flaws. According to the sources, remote attackers can hijack administrator authentication to perform actions such as changing plugin settings via unspecified...