Source |
Security Affairs |
Identifiant |
1069176 |
Date de publication |
2019-03-14 11:31:01 (vue: 2019-03-14 13:00:23) |
Titre |
CSRF flaw in WordPress potentially allowed the hack of websites |
Texte |
Security researcher Simon Scannell from RIPS Technologies, has discovered a new CSRF vulnerability in WordPress, that could potentially lead to remote code execution attacks. The flaw is a cross-site request forgery (CSRF) that resides in the comment section of WordPress that is enabled by default, the issue affects all WordPress versions prior to version 5.1.1. […]
|
Envoyé |
Oui |
Condensat |
affairs affects all allowed appeared attacks code comment could cross csrf default discovered enabled execution first flaw forgery from hack has issue lead new post potentially prior remote request researcher resides rips scannell section security simon site technologies version versions vulnerability websites wordpress |
Tags |
Hack
Vulnerability
Guideline
|
Stories |
|
Notes |
|
Move |
|