Description
Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Editor.md Cross-Site Scripting (10.0.1)
WordPress Plugin Autoptimize Cross-Site Scripting (3.1.0)
WordPress Plugin Rich Table of Contents Cross-Site Scripting (1.3.7)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.34)
WordPress Plugin Content Copy Protection & Prevent Image Save Cross-Site Request Forgery (1.3)