Cross-Site Request Forgery Vulnerability in Login Rebuilder Plugin for WordPress
CVE-2014-3882

Currently unrated

Key Information:

Vendor

Wordpress
Status
Login Rebuilder
Vendor
CVE Published:
25 June 2014

What is CVE-2014-3882?

The Login Rebuilder plugin for WordPress contains a Cross-Site Request Forgery (CSRF) vulnerability that permits unauthorized attackers to hijack authentication sessions of any user. By exploiting this flaw, an attacker can craft a malicious request that, if executed by an authenticated user, allows control over the targeted session. This vulnerability emphasizes the importance of securing WordPress plugins and highlights the need for users to keep their installations updated to mitigate such risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://12net.jp/news/n20140623_01.html
x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000062
third-party-advisoryx_refsource_JVNDB
http://wordpress.org/plugins/login-rebuilder/changelog/
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.