Multiple CSRF Vulnerabilities in Twitget Plugin for WordPress
CVE-2014-2559

Currently unrated

Key Information:

Vendor

Wordpress
Status
Twitget
Vendor
CVE Published:
17 October 2014

What is CVE-2014-2559?

The Twitget plugin for WordPress, prior to version 3.3.3, is susceptible to multiple cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities can be exploited by remote attackers to hijack the authentication of administrators. By crafting specific requests, an attacker can manipulate plugin options without the administrator's consent, leading to potential unauthorized changes within the website. It is critical for administrators using Twitget to upgrade to the latest version to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://wordpress.org/plugins/twitget/changelog
x_refsource_CONFIRM
http://secunia.com/advisories/57892
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/92391
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.