4 matches found
CVE-2014-5196
Cross-site request forgery CSRF vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the...
CVE-2014-5196
The CVE-2014-5196 entry details a CSRF vulnerability in the WordPress plugin Improved User Search in Backend (backend) prior to version 1.2.5. The flaw resides in the iusib_meta_fields parameter, enabling remote attackers to hijack administrator authentication by injecting XSS sequences. Affected...
CVE-2014-5196
Cross-site request forgery CSRF vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that insert XSS sequences via the...