CVE-2014-3882

Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users.

Published : 2014-06-25 11:19 Updated : 2014-06-25 14:35

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
12net Login Rebuilder 1.1.1 cpe:/a:12net:login_rebuilder:1.1.1::~~~wordpress~~
12net Login Rebuilder 1.0.2 cpe:/a:12net:login_rebuilder:1.0.2::~~~wordpress~~
12net Login Rebuilder 1.1.0 cpe:/a:12net:login_rebuilder:1.1.0::~~~wordpress~~
12net Login Rebuilder 1.0.1 cpe:/a:12net:login_rebuilder:1.0.1::~~~wordpress~~
12net Login Rebuilder 1.1.3 cpe:/a:12net:login_rebuilder:1.1.3::~~~wordpress~~
12net Login Rebuilder 1.1.2 cpe:/a:12net:login_rebuilder:1.1.2::~~~wordpress~~
12net Login Rebuilder 1.0.3 cpe:/a:12net:login_rebuilder:1.0.3::~~~wordpress~~
12net Login Rebuilder 1.0.0 cpe:/a:12net:login_rebuilder:1.0.0::~~~wordpress~~
  1. 12net (1) Search CVE
    1. Login Rebuilder (8) Search CVE
      1. 1.1.1
      2. 1.0.2
      3. 1.1.0
      4. 1.0.1
      5. 1.1.3
      6. 1.1.2
      7. 1.0.3
      8. 1.0.0

CWE

ID Name Description Links
CWE-352 Cross-Site Request Forgery (CSRF) The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. CVE

History of changes

Date Event
2014-06-25 11:19

New CVE