CVE-2014-3844

Currently unrated

Key Information:

Vendor: Wordpress
Status: Color Picker
Vendor: CVE Published:; 22 May 2014

Summary

The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.

References

http://wordpress.org/plugins/tinymce-colorpicker/changelog

x_refsource_MISC

http://secunia.com/advisories/58095

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 22, 2014