WordPress File Upload Plugin CVE-2014-5199 Cross Site Request Forgery Vulnerability
BID:69230
Info
WordPress File Upload Plugin CVE-2014-5199 Cross Site Request Forgery Vulnerability
| Bugtraq ID: | 69230 |
| Class: | Design Error |
| CVE: |
CVE-2014-5199 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 13 2014 12:00AM |
| Updated: | Aug 13 2014 12:00AM |
| Credit: | Reported by the vendor. |
| Vulnerable: |
nickboss File Upload 2.4.1 |
| Not Vulnerable: |
nickboss File Upload 2.4.2 |
Exploit / POC
WordPress File Upload Plugin CVE-2014-5199 Cross Site Request Forgery Vulnerability
To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.
To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.
Solution / Fix
WordPress File Upload Plugin CVE-2014-5199 Cross Site Request Forgery Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
WordPress File Upload Plugin CVE-2014-5199 Cross Site Request Forgery Vulnerability
References:
References:
- WordPress File Upload Changelog (WordPress )
- WordPress File Upload Homepage (WordPress )
- WordPress HomePage (WordPress)