CVE-2014-5346 in Comment Systeminfo

Zusammenfassung

von MITRE

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) activate or (2) deactivate the plugin via the active parameter to wp-admin/edit-comments.php, (3) import comments via an import_comments action, or (4) export comments via an export_comments action to wp-admin/index.php.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservieren

19.08.2014

Veröffentlichung

19.08.2014

Moderieren

akzeptiert

Eintrag

VDB-70667

CPE

bereit

Exploit

Download

EPSS

0.02670

KEV

nein

Aktivitäten

very low

Quellen

Do you need the next level of professionalism?

Upgrade your account now!