QwikSec

Security Database

CVE

CWE

Training

CVE-2014-3850

Published: Jun 11, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in the Member Approval plugin 131109 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings to their default and disable registration approval via a request to wp-admin/options-general.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20140610 CSRF in Member Approval 131109 permits unapproved registrations (WordPress plugin)

mailing-list

x_refsource_FULLDISC

https://security.dxw.com/advisories/csrf-in-member-approval-131109-permits-unapproved-registrations

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.