Fraction Theme <= 1.1.1 - Privilege Escalation via CSRF



Description
This vulnerability allows an attacker to escalate privileges on the site and have an admin account which may lead to a full site takeover.

Affects Theme

References

PACKETSTORM 130738
URL https://web.archive.org/web/20150324084929/https://research.evex.pw/?vuln=8
URL https://themeforest.net/item/fraction-multipurpose-news-magazine-theme/8655281

Classification

Type CSRF
CWE CWE-352

Miscellaneous

Submitter Abdallah Samman
Submitter Twitter Evex_1337
Views 5745
Verified No
WPVDB ID 7840

Timeline

Publicly Published 2015-03-10 (over 4 years ago)
Added 2015-03-10 (over 4 years ago)
Last Updated 2019-10-21 (about 2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin