Description

Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2012-3384

Related Vulnerabilities

WordPress Plugin Olevmedia Shortcodes Multiple Cross-Site Scripting Vulnerabilities (1.1.9)

Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12625)

Oracle Database Server CVE-2011-0832 Vulnerability (CVE-2011-0832)

Oracle Database Server CVE-2009-1964 Vulnerability (CVE-2009-1964)

Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-8449)

Severity

Medium

Classification

CVE-2012-3384 CWE-352

Tags

Missing Update Known Vulnerabilities