CVE-2014-9337

Multiple cross-site request forgery CSRF vulnerabilities in the Mikiurl Wordpress Eklentisi plugin 2.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 twitterkullanici or 2...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Mikiurl Wordpress Eklentisi plugin 2.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 twitterkullanici or 2...

CVE-2014-9337

The CVE-2014-9337 entry covers CSRF vulnerabilities in the WordPress plugin Mikiurl Wordpress Eklentisi (version 2.0 and earlier). The flaw enables remote attackers to hijack administrator authentication for requests that trigger XSS via the twitter_kullanici and twitter_sifre parameters in a kay...

CVE-2014-9337

Multiple cross-site request forgery CSRF vulnerabilities in the Mikiurl Wordpress Eklentisi plugin 2.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 twitterkullanici or 2...

Mikiurl WordPress Eklentisi 2.0 CSRF / XSS

Title: CSRF/XSS Vulnerability in Mikiurl WordPress Eklentisi WP Plugin Author: Manideep K CVE -D : CVE-2014-9337 Plugin Homepage: https://wordpress.org/plugins/mikiurl-wordpress-eklentisi/ Version Affected:2.0 probably lower versions Severity: High Description: Vulnerable Parameter:...

WordPress Eklentisi Plugin <= 2.0 - Multiple CSRF and XSS

Because of these cross site request forgery vulnerabilities, the attackers can hijack the authentication of administrators for requests. In that way they can change plugin settings via unspecified vectors or conduct cross-site scripting attacks. Solution This plugin is closed...