ThreatPress

WordPress Vulnerabilities Database

Back

WordPress leenk.me Plugin 2.5.0 - Multiple Vulnerabilities

Product
leenk me
Description
This WordPress leenk.me plugin is prone to cross-site request forgery and cross-site scripting vulnerabilities via vulnerable page: wp-content/plugins/leenkme/facebook.php. Also, there are vulnerable fields: "facebook_message", "facebook_description", "default_image", "facebook_linkname", etc.
Solution
Upgrade the plugin.
Classification
Type Multi
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.5.0
Fixed In 2.5.1
Disclosure date
2016-04-18
Credits
cor3sm4sh3r