EUVD-2014-9161

Malware in sbrugna...

iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability

Document Title: =============== iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1375 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9336 CVE-ID: ======= CVE-2014-9336 Release Date:...

iTwitter <= 0.04 - XSS & CSRF

The itwitter WordPress plugin was affected by a XSS & CSRF security vulnerability...

CVE-2014-9336

Multiple cross-site request forgery CSRF vulnerabilities in the iTwitter plugin 0.04 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 itexttwitterusername or 2 itexttwitteruserpass...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the iTwitter plugin 0.04 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 itexttwitterusername or 2 itexttwitteruserpass...

CVE-2014-9336

Multiple cross-site request forgery CSRF vulnerabilities in the iTwitter plugin 0.04 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 itexttwitterusername or 2 itexttwitteruserpass...

CVE-2014-9336

The CVE-2014-9336 entry concerns the WordPress iTwitter plugin (v0.04 and earlier). An underlying issue consists of a client-side CSRF vulnerability coupled with a cross-site scripting (XSS) flaw in iTwitter.php, exploitable via the itex_t_twitter_username and itex_t_twitter_userpass parameters s...

WordPress iTwitter 0.04 Cross Site Request Forgery / Cross Site Scripting

Document Title: =============== iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1375 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9336 CVE-ID: ======= CVE-2014-9336 Release Date:...

iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability

Document Title: =============== iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1375 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9336 CVE-ID: ======= CVE-2014-9336 Release Date:...

WordPress iTwitter WP 0.04 CSRF / XSS

Title: CSRF/XSS Vulnerability in iTwitter WP Plugin Author: Manideep K CVE-ID: CVE-2014-9336 Plugin Homepage: https://wordpress.org/plugins/itwitter/ Version Affected: 0.04 probably lower versions Severity: High Description: Vulnerable Parameter: itexttwitterusername, itexttwitteruserpass etc Abo...

WordPress iTwitter Plugin <= 0.04 - Multiple CSRF and XSS

Because of these cross site request forgery vulnerabilities, the attackers can hijack the authentication of administrators for requests. In that way they can change plugin settings via unspecified vectors or conduct cross-site scripting attacks. Solution This plugin is closed...