SexyBookmarks - Setting Manipulation CSRF

The sexybookmarks WordPress plugin was affected by a Setting Manipulation CSRF security vulnerability...

SA-CONTRIB-2014-030 - SexyBookmarks - Information Disclosure

The SexyBookmarks module is a port of the WordPress SexyBookmarks plug-in. The module adds social bookmarking using the Shareaholic service. The module discloses the private files location when Drupal 6 is configured to use private files. This vulnerability is mitigated by the fact that only site...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for WordPress allows remote attackers to hijack the authentication of users for requests that "manipulate plugin settings."...

CVE-2013-3256

Cross-site request forgery CSRF vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for WordPress allows remote attackers to hijack the authentication of users for requests that "manipulate plugin settings."...

CVE-2013-3256

CVE-2013-3256 pertains to a cross-site request forgery (CSRF) in the WordPress Shareaholic SexyBookmarks plugin, version 6.1.4.0. The vulnerability allows remote attackers to hijack a user’s authentication for requests that manipulate plugin settings. Root cause is CSRF in the plugin’s settings m...

WordPress Shareaholic SexyBookmarks Plugin <= 6.1.4.0 - CSRF

Because of this vulnerability, the attackers can hijack the authentication of users for requests that "manipulate plugin settings." Solution Update the plugin...