Description
Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.
Remediation
References
Related Vulnerabilities
WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.25)
WordPress Plugin Olevmedia Shortcodes Cross-Site Scripting (1.1.8)
WordPress Plugin Google SEO Pressor for Rich snippets Cross-Site Scripting (1.2.6)
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-5227)