Description

Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via a dashboard_incoming_links edit action.

Remediation

References

CVE-2012-4448

Related Vulnerabilities

Jboss EAP Credentials Management Errors Vulnerability (CVE-2009-5066)

WordPress Plugin Highlight Cross-Site Scripting (0.9.2)

MediaWiki Other Vulnerability (CVE-2007-0894)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10186)

WordPress Plugin Portfolio for Elementor, Image Gallery & Post Grid-PowerFolio Cross-Site Scripting (2.3)

Severity

Medium

Classification

CVE-2012-4448 CWE-352

Tags

Missing Update Known Vulnerabilities