Description

Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2012-3384

Related Vulnerabilities

MySQL Resource Management Errors Vulnerability (CVE-2010-3678)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1237)

OpenSSL Improper Access Control Vulnerability (CVE-2016-7054)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2007-1381)

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2023-39456)

Severity

Medium

Classification

CVE-2012-3384 CWE-352

Tags

Missing Update Known Vulnerabilities