Affected configuration(s):


Date published: 2014-05-22T11:13:05.097-04:00

Date last modified: 2014-06-27T12:52:11.297-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL:

Summary: The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.