2 matches found
CVE-2014-9524
Multiple cross-site request forgery CSRF vulnerabilities in the Facebook Like Box cardoza-facebook-like-box plugin before 2.8.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct...
CVE-2014-9524
The CVE-2014-9524 entry concerns the WordPress plugin Cardoza Facebook Like Box (formerly cardoza-facebook-like-box) before version 2.8.3. The vulnerability set comprises multiple CSRF flaws that allow remote attackers to hijack an administrator’s authenticated session and perform actions such as...