Description
Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via a dashboard_incoming_links edit action.
Remediation
References
Related Vulnerabilities
Apache 2.x version older than 2.0.51
WordPress Plugin GN Publisher: Google News Compatible RSS Feeds Cross-Site Scripting (1.5.5)
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (2.1.5)
WordPress Plugin All-in-One Video Gallery Multiple Vulnerabilities (2.6.0)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-0217)