CVE-2014-2274
CVE-2014-2274 affects the WordPress plugin “Subscribe To Comments Reloaded” (pre-140219). The vulnerability is a Cross-Site Request Forgery (CSRF) that allows remote attackers to hijack administrator authentication for requests that perform Cross-Site Scripting (XSS) via the subscribe-to-comments...