Description

Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2012-3384

Related Vulnerabilities

WordPress Plugin Brizy-Page Builder Cross-Site Scripting (2.3.26)

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.4)

Oracle Database Server CVE-2011-0848 Vulnerability (CVE-2011-0848)

WordPress Plugin Flickrpress PHP Object Injection (1.0.2)

Oracle Database Server CVE-2014-6542 Vulnerability (CVE-2014-6542)

Severity

Medium

Classification

CVE-2012-3384 CWE-352

Tags

Missing Update Known Vulnerabilities