CVE-2014-2598

NONECVSS 0.0

0.0

Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post Redirect plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the quickppr_redirects[request][] parameter in the redirect-updates page to wp-admin/admin.php.

🔗 References (18)

cve@mitrehttp://osvdb.org/show/osvdb/105707
cve@mitrehttp://osvdb.org/show/osvdb/105708
cve@mitrehttp://packetstormsecurity.com/files/126127
cve@mitrehttp://seclists.org/fulldisclosure/2014/Apr/171
cve@mitrehttp://secunia.com/advisories/57883
cve@mitrehttp://www.exploit-db.com/exploits/32867
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/92528
cve@mitrehttps://security.dxw.com/advisories/csrf-and-stored-xss-in-quick-pagepost-redirect-plugin/
cve@mitrehttps://wordpress.org/plugins/quick-pagepost-redirect-plugin/changelog/
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/show/osvdb/105707
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/show/osvdb/105708
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/126127
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Apr/171
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/57883
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/32867

Is Your Infrastructure Affected by CVE-2014-2598?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2014-2598

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2014-2598?