oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request - Cross-Site Request Forgery Vulnerability in Users to CSV Wordpress Plugin v1.4.5

From: Nitin Venkatesh <venkatesh.nitin () gmail com>
Date: Mon, 15 Jun 2015 23:40:06 +0000
Hi,

I've discovered a CSRF vulnerability in the Users to CSV Wordpress Plugin
v1.4.5 which allows for user information can be exported via a GET request
to users.php. I request a CVE for the same.

References:
http://seclists.org/fulldisclosure/2015/Jun/44

Thank & regards,
Nitin Venkatesh
Previous By Date Next
Previous By Thread Next

Current thread: