WEB APPLICATION VULNERABILITIES Standard & Premium

WordPress Improper Input Validation Vulnerability (CVE-2011-3127)

Description

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Remediation

References

Related Vulnerabilities

Mailman Other Vulnerability (CVE-2005-0202)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-10241)

WordPress Plugin iQ Block Country Cross-Site Scripting (1.2.11)

WebLogic Improper Access Control Vulnerability (CVE-2019-2729)

WordPress Plugin Product Reviews Import Export for WooCommerce CSV Injection (1.4.8)

Severity

Medium

Classification

CVE-2011-3127 CWE-20

Tags

Missing Update Known Vulnerabilities