Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color Picker plugin prior to 1.2 for WordPress allows remote malicious users to hijack the authentication of unspecified users for requests that change plugin settings via unknown vectors. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tinymce color_picker |