Description
Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.
Remediation
References
Related Vulnerabilities
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
WordPress Plugin Sell Media Cross-Site Request Forgery (2.5.5)
WordPress Plugin Spiffy XSPF Player SQL Injection (0.1)
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (10.0.1)