SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability
Advisory:
|
WordPress Plugin ‘Types 1.2.1.1’ Cross-Site Request Forgery
& Stored Cross-site scripting vulnerability
|
Advisory ID:
|
SSCHADV2013-005
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Types 1.2.1.1
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
CVE-ID:
|
CVE-2013-2768
|
======================
Vulnerability Description
======================
Vulnerability Description
======================
The parameter ‘skypename’ of the WordPress plugin Types 1.2.1.1 is prone to a CSRF and stored XSS vulnerability