2 matches found
CVE-2017-14530
WPAdminUI in the Crony Cronjob Manager plugin before 0.4.7 for WordPress has CSRF via the name parameter in an action=manage&do=create operation, as demonstrated by inserting XSS sequences...
CVE-2017-14530
CVE-2017-14530 affects the WordPress plugin Crony Cronjob Manager, specifically versions before 0.4.7. The vulnerability is a CSRF flaw in WP_Admin_UI that uses the name parameter in an action=manage&do=create operation, allowing an attacker to cause cross-site actions and push XSS sequences. The...