Cross-Site Request Forgery (CSRF) Vulnerability in Duplicate Page
|
Información sobre el sistema
|
|
|
Software afectado |
Wordpress |
Descripción
|
https://www.pluginvulnerabilities.com/2017/10/20/cross-site-request-forgery-csrf-vulnerability-in-duplicate-page/While looking into the details of a reflected cross-site scripting (XSS) vulnerability in the plugin Duplicate Page we noticed that there was no protection against cross-site request forgery (CSRF) when using the plugin’s functionality, duplicating a post or page. As of version 2.3 the URLs for the duplication looks like this:
More info:
https://www.pluginvulnerabilities.com/2017/10/20/cross-site-request-forgery-csrf-vulnerability-in-duplicate-page/ |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
|