7 matches found
EUVD-2014-9219
Malware in sbrugna...
WordPress Plugin Twitter LiveBlog Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed using the PHP language that allows users to set up their own weblogs on servers that support PHP and MySQL databases.Twitter LiveBlog plugin is a plugin for dynamic posting of articles or tweets. The WordPress plugin Twitter LiveBlog cross-site request...
CVE-2014-9398
Cross-site request forgery CSRF vulnerability in the Twitter LiveBlog plugin 1.1.2 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the mashtlbtwitterusername parameter in the...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Twitter LiveBlog plugin 1.1.2 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the mashtlbtwitterusername parameter in the...
CVE-2014-9398
The CVE-2014-9398 entry concerns the WordPress Twitter LiveBlog plugin (versions 1.1.2 and earlier). The vulnerability is a CSRF flaw that allows an attacker to hijack an administrator’s authenticated session to perform actions that may enable XSS via the mashtlb_twitter_username parameter in twi...
CVE-2014-9398
Cross-site request forgery CSRF vulnerability in the Twitter LiveBlog plugin 1.1.2 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the mashtlbtwitterusername parameter in the...
WordPress Twitter LiveBlog 1.1.2 CSRF / XSS
Title: CSRF / Stored XSS Vulnerability in Twitter LiveBlog Wordpress Plugin Author: Manideep K CVE-ID: CVE-2014-9398 Plugin Homepage: https://wordpress.org/plugins/twitter-liveblog/ Version Affected: 1.1.2 probably lower versions Severity: High Description: Vulnerable Parameter:...