MidnightBSD

Advisories for fresh-media

CVE-2014-5034 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection page to wp-admin/options-general.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
fresh-media brute_force_login_protection 1.3