CVE-2012-3384

CVE-2012-3384

EPSS 1.2%

Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://codex.wordpress.org/Version_3.4.1 http://www.openwall.com/lists/oss-security/2012/07/02/1 http://www.openwall.com/lists/oss-security/2012/07/08/1