CVE-2019-5974: CSRF
First published: Fri Jul 05 2019(Updated: )
Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Contest-gallery Contest Gallery | <10.4.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-5974?
CVE-2019-5974 is a Cross-site request forgery (CSRF) vulnerability in Contest Gallery plugin versions prior to 10.4.5.
How severe is CVE-2019-5974?
CVE-2019-5974 has a severity rating of 8.8 (High).
How does the CSRF vulnerability in Contest Gallery work?
The CSRF vulnerability in Contest Gallery allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Is there a fix available for CVE-2019-5974?
Yes, the fix for CVE-2019-5974 is to update Contest Gallery to version 10.4.5 or later.
Where can I find more information about CVE-2019-5974?
More information about CVE-2019-5974 can be found on the following references: [JVN](https://jvn.jp/en/jp/JVN80925867/index.html), [WordPress Plugin Directory](https://wordpress.org/plugins/contest-gallery/), [WPScan Vulnerability Database](https://wpvulndb.com/vulnerabilities/9436).
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/contest-gallery
- canonical/contest-gallery contest gallery