First published: Thu Apr 25 2013(Updated: )
Cross-site request forgery (CSRF) vulnerability in the All in One Webmaster plugin before 8.2.4 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Credit: PSIRT-CNA@flexerasoftware.com
Affected Software | Affected Version | How to fix |
---|---|---|
Crunchify All-in-on-webmaster | <=8.2.3 | |
Crunchify All-in-on-webmaster | =7.7.7 | |
Crunchify All-in-on-webmaster | =8.0.0 | |
Crunchify All-in-on-webmaster | =8.1 | |
Crunchify All-in-on-webmaster | =8.2 | |
Crunchify All-in-on-webmaster | =8.2.1 | |
Crunchify All-in-on-webmaster | =8.2.2 | |
WordPress WordPress |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.