Description
Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.
Remediation
References
Related Vulnerabilities
Drupal Core 5.x SQL Injection (5.0 - 5.14)
WordPress Plugin Check & Log Email Cross-Site Scripting (1.0.3)
OpenVPN AS Other Vulnerability (CVE-2006-1629)
WordPress Plugin Post Grid PHP Object Injection (2.0.11)
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5173)