ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 3.1.2 - Clickjacking Attacks

Product
WordPress
Description
This WordPress version does not prevent rendering for admin or login pages inside a frame in a third-party HTML document. It allows the attackers to conduct clickjacking attacks via a crafted web site.
Solution
Update WordPress.
Classification
Type Unknown
References
CVE Mitre
CVE
Name CVE-2011-3127
Versions
Affected In <= 3.1.2
Fixed In 3.1.3
Disclosure date
2011-08-10
Credits
ryan