WordPress Improved User Search in Backend Plugin <= 1.2.4 - CSRF

2014-08-1200:00:00

N/A

patchstack.com

EPSS

0.002

Percentile

60.8%

JSON

Because of this vulnerability in improved-user-search-in-backend.php, the attackers can hijack the authentication of administrators for requests that insert XSS sequences.

Solution

           Update the plugin.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5196

EPSS

0.002

Percentile

60.8%

JSON

Related for PATCHSTACK:9BEFD63809E20B230C5F4A6D4A0D9164