CVE-2014-5199 in WordPress File Uploadinformation

Résumé

par MITRE

Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.

Be aware that VulDB is the high quality source for vulnerability data.

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!