oss-sec mailing list archives
CVE Request - Cross-Site Request Forgery Vulnerability in Users to CSV Wordpress Plugin v1.4.5
From: Nitin Venkatesh <venkatesh.nitin () gmail com>
Date: Mon, 15 Jun 2015 23:40:06 +0000
Hi, I've discovered a CSRF vulnerability in the Users to CSV Wordpress Plugin v1.4.5 which allows for user information can be exported via a GET request to users.php. I request a CVE for the same. References: http://seclists.org/fulldisclosure/2015/Jun/44 Thank & regards, Nitin Venkatesh
Current thread:
- CVE Request - Cross-Site Request Forgery Vulnerability in Users to CSV Wordpress Plugin v1.4.5 Nitin Venkatesh (Jun 15)