2 matches found
CVE-2014-9400
Multiple cross-site request forgery CSRF vulnerabilities in the Wp Unique Article Header Image plugin 1.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 gtdefaultheader or 2...
CVE-2014-9400
CVE-2014-9400 concerns the WordPress plugin “WP Unique Article Header Image” (version 1.0 and earlier). The connected sources confirm CSRF vulnerabilities that allow an attacker to hijack an administrator’s authentication for requests leading to cross-site scripting (XSS) via the parameters gt_de...