Lucene search
+L

6 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-9166

Malware in sbrugna...

6.8CVSS6.4AI score0.0101EPSS
Exploits2References3
nvd
nvd
added 2014/12/19 3:59 p.m.16 views

CVE-2014-9341

Multiple cross-site request forgery CSRF vulnerabilities in the yURL ReTwitt plugin 1.4 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 yurllogin or 2 yurlanchor parameter in the...

6.8CVSS6.7AI score0.0101EPSS
Exploits2References1
prion
prion
added 2014/12/19 3:59 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the yURL ReTwitt plugin 1.4 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 yurllogin or 2 yurlanchor parameter in the...

6.8CVSS7AI score0.0101EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2014/12/19 3:0 p.m.24 views

CVE-2014-9341

Multiple cross-site request forgery CSRF vulnerabilities in the yURL ReTwitt plugin 1.4 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 yurllogin or 2 yurlanchor parameter in the...

6.7AI score0.0101EPSS
Exploits2References1
cve
cve
added 2014/12/19 3:0 p.m.42 views

CVE-2014-9341

CVE-2014-9341 affects the WordPress plugin yURL ReTwitt (version 1.4 and earlier). The vulnerability is a combination of CSRF and XSS: remote attackers can hijack an administrator’s session to perform actions via requests that trigger XSS through the yurl_login or yurl_anchor parameters on the yu...

6.8CVSS6.8AI score0.0101EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2014/12/07 12:0 a.m.16 views

WordPress yURL ReTwitt Plugin <= 1.4 - Multiple CSRF and XSS

Because of these cross site request forgery vulnerabilities, the attackers can hijack the authentication of administrators for requests. In that way they can change plugin settings via unspecified vectors or conduct cross-site scripting attacks. Solution This plugin is closed...

6.8CVSS3.4AI score0.0101EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder