WordPress Mobile Domain Plugin Cross Site Request Forgery (CVE-2015-1581)

A cross-site request forgery CSRF vulnerability has been reported in WordPress Mobile Domain Plugin. An attacker could exploit this vulnerability by convincing the user to follow a malicious link or visit an attacker controlled website...

WordPress Plugin Mobile Domain Has Multiple Cross-Site Request Forgery Vulnerabilities

Mobile Domain plugin is a desktop redirection plugin. The WordPress plugin Mobile Domain suffers from multiple cross-site request forgery vulnerabilities that allow remote attackers to hijack administrator request authentication...

CVE-2015-1581

Multiple cross-site request forgery CSRF vulnerabilities in the Mobile Domain plugin 1.5.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS attacks via the 2 domain, 3 text, 4 font, 5...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Mobile Domain plugin 1.5.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS attacks via the 2 domain, 3 text, 4 font, 5...

CVE-2015-1581

Multiple cross-site request forgery CSRF vulnerabilities in the Mobile Domain plugin 1.5.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS attacks via the 2 domain, 3 text, 4 font, 5...

CVE-2015-1581

The CVE-2015-1581 entry concerns the WordPress Mobile Domain plugin (version 1.5.2) with multiple CSRF vulnerabilities that allow remote attackers to hijack administrator authentication for actions such as changing plugin settings and potentially enabling XSS via parameters like domain, text, fon...

Mobile Domain <= 1.5.2 - CSRF/XSS

The mobile-domain WordPress plugin was affected by a CSRF/XSS security vulnerability...

WordPress Mobile Domain 1.5.2 Cross Site Request Forgery / Cross Site Scripting

Title: WordPress 'Mobile Domain' CSRF/XSS Version: 1.5.2 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/mobile-domain/ Contacted WordPress: 2015/01/26 ========================================================== Description:...

Facebook Open_Redirector/Broken_Authentecation exploit

This exploit includes two vulnerabilities at Facebook: 1- An Open Redirector at the mobile domain m.facebook.com which is hard to detect due to its special mechanism and harder to get fixed fully because it requires an non simple change at the platform to get fully patched and it could be exploit...