EUVD-2013-3189

Malware in sbrugna...

WordPress WP PostViews plugin <= 2.6.1.2 - Cross-Site Scripting (XSS) vulnerability

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Vulnerable parameter "searchinput". Solution Update the WordPress WP PostViews plugin to the latest available version at least 2.6.1.3...

CVE-2013-3252

Cross-site request forgery CSRF vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors...

CVE-2013-3252

Cross-site request forgery CSRF vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors...

CVE-2013-3252

CVE-2013-3252 affects the WP-PostViews WordPress plugin; the CSRF flaw is in the options admin page, allowing an attacker to hijack administrator authentication and change plugin settings. Affected versions are WP-PostViews before 1.63 (and related entries reference settings manipulation). The ro...

WordPress WP PostViews Plugin <= 1.62 - CSRF

Because of this vulnerability in the options admin page, the attackers can hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. Solution Update the plugin...