Cross-Site Request Forgery Vulnerabilities in Newsletter Manager Plugin for WordPress
CVE-2012-6629

Currently unrated

Key Information:

Vendor: Wordpress
Status: Newsletter Manager
Vendor: CVE Published:; 16 January 2014

What is CVE-2012-6629?

The Newsletter Manager plugin for WordPress versions 1.0.2 and earlier contains multiple vulnerabilities that expose administrators to remote attacks. Unsuspecting attackers can exploit these cross-site request forgery (CSRF) flaws to hijack user sessions, allowing them to execute unauthorized actions, such as altering email addresses or inserting malicious scripts. The lack of verification on state-changing requests contributes to this security risk, which calls for immediate attention and safeguards for users relying on this plugin.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/49152

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 16, 2014

JSON

Wordpress

What is CVE-2012-6629?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.