Cross-Site Request Forgery Vulnerability in Featured Comments Plugin for WordPress
CVE-2014-4163

Currently unrated

Key Information:

Vendor: Wordpress
Status: Featured Comments
Vendor: CVE Published:; 16 June 2014

What is CVE-2014-4163?

The Featured Comments plugin for WordPress version 1.2.1 contains multiple vulnerabilities that allow attackers to exploit Cross-Site Request Forgery (CSRF). By making unauthorized requests, an attacker can manipulate comment statuses, either changing them to buried or featured. These vulnerabilities enable remote attackers to hijack the authentication of administrators, posing a significant risk to the integrity of comment management on affected WordPress sites.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2014/Jun/62

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 16, 2014

JSON

Wordpress

What is CVE-2014-4163?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.