CVE-2014-9368
Affected software: WordPress twitterDash plugin, version 2.1 and earlier. Vulnerability: CSRF that allows remote attackers to hijack administrator authentication and trigger stored XSS via the username_twitterDash parameter in twitterDash.php directing requests to wp-admin/options-general.php. Im...