CVE-2014-9335
CVE-2014-9335 affects the WordPress plugin DandyID Services (versions 1.5.9 and earlier). The vulnerability is a CSRF flaw that allows an attacker to hijack an administrator’s authentication to perform actions that can lead to XSS, via the email_address and sidebarTitle parameters in dandyid-serv...