TinyMCE Advanced <= 4.1 - Setting Reset Cross-Site Request Forgery (CSRF)

Affects Plugin

fixed in version 4.2.3

References

URL https://wordpress.org/support/topic/tinymce-advanced-41-setting-reset-csrf?replies=3
URL https://vexatioustendencies.com/wordpress-plugin-vulnerability-dump-part-2/

Classification

Type CSRF
CWE CWE-352

Miscellaneous

Submitter pvdl
Views 7226
Verified No
WPVDB ID 7775

Timeline

Publicly Published 2014-09-08 (over 5 years ago)
Added 2015-02-01 (almost 5 years ago)
Last Updated 2019-10-27 (3 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin