Miembros de
Boletines de Vulnerabilidades |
Cross-Site Request Forgery (CSRF) Vulnerability in Duplicate Page |
|
Información sobre el sistema |
|
| Software afectado | Wordpress |
Descripción |
|
|
https://www.pluginvulnerabilities.com/2017/10/20/cross-site-request-forgery-csrf-vulnerability-in-duplicate-page/While looking into the details of a reflected cross-site scripting (XSS) vulnerability in the plugin Duplicate Page we noticed that there was no protection against cross-site request forgery (CSRF) when using the plugin’s functionality, duplicating a post or page. As of version 2.3 the URLs for the duplication looks like this: More info: https://www.pluginvulnerabilities.com/2017/10/20/cross-site-request-forgery-csrf-vulnerability-in-duplicate-page/ |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2017-10-21 |