ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Disqus Plugin 2.7.5 - Admin Stored CSRF and XSS

Product
Disqus
Description
Disqus plugin is prone to an admin stored CSRF and XSS vulnerabilities.
Solution
Update the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-2014-5345
Versions
Affected In <= 2.7.5
Fixed In 2.7.6
Disclosure date
2014-08-14
Credits
Nik Cubrilovic