ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 3.3.1 - CSRF and XSS

Product
WordPress
Description
There are cross site scripting and cross site request forgery vulnerabilities via SWF Applets.
Solution
Update WordPress.
Classification
Type Multi
References
CVE Mitre
CVE
Name CVE-2012-2401
Versions
Affected In <= 3.3.1
Fixed In 3.3.2
Disclosure date
2012-04-21
Credits
Nathan Partlan