Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-1580

Опубликовано: 11 фев. 2015
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in the Redirection Page plugin 1.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) source or (3) redir parameter in an add action in the redirection-page to wp-admin/options-general.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:redirection_project:redirection:1.2:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 30%
0.00113
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

github логотип

GHSA-pfgr-6ggj-wvc9

github
больше 3 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in the Redirection Page plugin 1.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) source or (3) redir parameter in an add action in the redirection-page to wp-admin/options-general.php.

EPSS

Процентиль: 30%
0.00113
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352