Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2012-4448

Published: 28/09/2012 Updated: 01/10/2012
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Wordpress

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote malicious users to hijack the authentication of administrators for requests that modify an RSS URL via a dashboard_incoming_links edit action.

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress 3.4.2

Vendor Advisories

Debian CVElist Bug Report Logs: wordpress: CVE-2012-4448
Debian Bug report logs - #689031 wordpress: CVE-2012-4448 Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fri, 28 Sep 2012 13:51:01 UTC Severity: important Tags: securit ...

References

CWE-352https://bugs.gentoo.org/show_bug.cgi?id=436198http://secunia.com/advisories/50715http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.htmlhttp://openwall.com/lists/oss-security/2012/09/25/15https://bugzilla.redhat.com/show_bug.cgi?id=860261https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689031https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook