Cross-Site Request Forgery Vulnerability in File Upload Plugin for WordPress
CVE-2014-5199

Currently unrated

Key Information:

Vendor: Wordpress
Status: WordPress File Upload
Vendor: CVE Published:; 12 August 2014

What is CVE-2014-5199?

The File Upload plugin for WordPress is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability that allows remote attackers to exploit the authentication process of administrators. This vulnerability permits unauthorized changes to plugin settings through deceptive requests, significantly compromising the integrity and security of the WordPress site. Users are encouraged to keep their plugins updated to the latest versions to mitigate the risk associated with this vulnerability.

References

http://wordpress.org/plugins/wp-file-upload/changelog

x_refsource_MISC

http://secunia.com/advisories/60520

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 12, 2014

CVE-2014-5199 Data

JSON

Wordpress

What is CVE-2014-5199?

References

Timeline