QwikSec

Security Database

CVE

CWE

Training

CVE-2015-6523

Published: Aug 19, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the instagram-portfolio page in wp-admin/options-general.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://wpvulndb.com/vulnerabilities/8108

x_refsource_MISC

https://plugins.trac.wordpress.org/changeset/1175403/portfolio-by-lisa-westlund

x_refsource_CONFIRM

20150721 Cross-Site Request Forgery Vulnerability in Portfolio Plugin Wordpress Plugin v1.0

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.