CVE-2014-3844CVE-2014-3844

Affected configuration(s):

cpe:/a:tinymce:color_picker:1.1

Date published: 2014-05-22T11:13:05.097-04:00

Date last modified: 2014-06-27T12:52:11.297-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://wordpress.org/plugins/tinymce-colorpicker/changelog

Summary: The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.