# Exploit Title: WP User Role Editor CSRF
# Date: 19/5/13
# Exploit Author: Henry Hoggard
# Author Website: http://henryhoggard.co.uk
# Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor
# Software Link:https://wordpress.org/support/plugin/user-role-editor
# Version: <=3.12
# Tested on: Debian
# CVE : none yet

Notified Dev: 16/05/13
Patch Released (3.14): 17/05/13

This allows you to sign up with admin privileges if you make the admin
visit your CSRF script.


Rate this post
Брой прочитания на тази страница: 864
WordPress User Role Editor Plugin 3.12 – CSRF Vulnerability
Tagged on:     

Вашият коментар

Вашият имейл адрес няма да бъде публикуван. Задължителните полета са отбелязани с *