CVE

Id
69893  
CVE No.
CVE-2014-2598  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post Redirect plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the quickppr_redirects[request][] parameter in the redirect-updates page to wp-admin/admin.php.  
Phase
Assigned (20140324)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
667539 69893 CVE-2014-2598 EXPLOIT-DB:32867  View
667540 69893 CVE-2014-2598 URL:http://www.exploit-db.com/exploits/32867  View
667541 69893 CVE-2014-2598 FULLDISC:20140411 CSRF and stored XSS in Quick Page/Post Redirect Plugin (WordPress plugin)  View
667542 69893 CVE-2014-2598 URL:http://seclists.org/fulldisclosure/2014/Apr/171  View
667543 69893 CVE-2014-2598 MISC:http://packetstormsecurity.com/files/126127  View
667544 69893 CVE-2014-2598 MISC:https://security.dxw.com/advisories/csrf-and-stored-xss-in-quick-pagepost-redirect-plugin/  View
667545 69893 CVE-2014-2598 CONFIRM:https://wordpress.org/plugins/quick-pagepost-redirect-plugin/changelog/  View
667546 69893 CVE-2014-2598 OSVDB:105707  View
667547 69893 CVE-2014-2598 URL:http://osvdb.org/show/osvdb/105707  View
667548 69893 CVE-2014-2598 OSVDB:105708  View
667549 69893 CVE-2014-2598 URL:http://osvdb.org/show/osvdb/105708  View
667550 69893 CVE-2014-2598 SECUNIA:57883  View
667551 69893 CVE-2014-2598 URL:http://secunia.com/advisories/57883  View
667552 69893 CVE-2014-2598 XF:quickpage-wordpress-cve20142598-csrf(92528)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
14495 JVNDB-2014-003370 HP StoreVirtual 4000 Storage シリーズおよび StoreVirtual VSA における権限を取得される脆弱性 HP StoreVirtual 4000 Storage シリーズおよび StoreVirtual VSA には、権限を取得される脆弱性が存在します。 CVE-2014-2606 69893 9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003370.html  View