===============
Software Description
===============
Software: clean login
version: <1.8
description: Responsive Frontend Login and Registration plugin.

========
Details
========
A CSRF vulnerability in the WordPress plugin Clean Login allows a remote attacker to change the WordPress login redirect URL or logout redirect URL to a malicious address.

========
POC:
========

=========
Mitigations
=========
Disable the plugin until a new version is released that fixes this bug.

=========
Fixed
=========
http://ift.tt/2qV89Yz (1.8 version update)
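
One way a WordPress settings handler for these two redirect URLs can be protected against the forged request described under Details. This is an added example, not Clean Login's code or its 1.8 fix; the action, field and option names are hypothetical.

```php
<?php
// Added illustration, not Clean Login's code. The action name, field names and
// option names below are hypothetical.
const EX_ACTION = 'example_save_redirects';

// Call from the plugin's settings page callback: renders the form with a
// nonce tied to the logged-in admin and this specific action.
function example_render_redirect_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="' . esc_attr( EX_ACTION ) . '">';
    wp_nonce_field( EX_ACTION, 'example_nonce' );
    foreach ( array( 'login_redirect', 'logout_redirect' ) as $field ) {
        $value = get_option( 'example_' . $field, '' );
        echo '<input type="url" name="' . esc_attr( $field ) . '" value="' . esc_attr( $value ) . '">';
    }
    submit_button();
    echo '</form>';
}

// Handle the POST. A forged cross-site request carries the admin's cookies
// but not a valid nonce, so it stops at check_admin_referer().
function example_save_redirects() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    check_admin_referer( EX_ACTION, 'example_nonce' ); // dies on a missing or invalid nonce

    foreach ( array( 'login_redirect', 'logout_redirect' ) as $field ) {
        $raw = isset( $_POST[ $field ] ) ? esc_url_raw( wp_unslash( $_POST[ $field ] ) ) : '';
        // Defence in depth: a URL on a host WordPress does not allow is
        // replaced by the home page instead of being stored.
        $safe = wp_validate_redirect( $raw, home_url( '/' ) );
        update_option( 'example_' . $field, $safe );
    }
    wp_safe_redirect( wp_get_referer() ? wp_get_referer() : admin_url() );
    exit;
}
add_action( 'admin_post_' . EX_ACTION, 'example_save_redirects' );
```

The capability check and the nonce check are both needed: the first limits who may change the setting, the second confirms the request came from the site's own form.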
Source: Gmail -> IFTTT-> Blogger