WordPress Plugin JW Player for Flash & HTML5 Video – Cross-Site Request Forgery

• Exploit Database
• 15 阅读

• 作者： Tom Adams
  日期： 2014-06-10
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/39212/

• source: https://www.securityfocus.com/bid/67954/info
  
  JW Player for Flash & HTML5 Video is a Plugin for WordPress is prone to a cross-site request-forgery vulnerability.
  
  Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
  
  JW Player for Flash & HTML5 Video 2.1.3 is vulnerable; other versions may also be affected. 
  
  http://www.example.com/wp-admin/admin.php?page=jwp6_menu&player_id=1&action=delete