WordPress Plugin Vulnerabilities

Simple Sticky Footer < 1.3.3 - Multiple CSRF

Description

The Simple Sticky Footer WordPress plugin was affected by a Multiple CSRF security vulnerability.

Affects Plugins

Plugin icon
simple-sticky-footer
Fixed in 1.3.3

References

CVE
CVE-2014-9454
URL
https://packetstormsecurity.com/files/#129503/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/99375
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/99374

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Verified
No
WPVDB ID
43346c97-d9a1-4023-9fb5-b2b0629eb657

Timeline

Publicly Published
2014-12-12 (about 11 years ago)
Added
2019-08-21 (about 6 years ago)
Last Updated
2019-11-27 (about 6 years ago)

Other

Published
Title
Published
2026-01-27
Title
imwptip <= 1.1 - Cross-Site Request Forgery to Settings Update
Published
2025-04-09
Title
DeBounce Email Validator < 5.8.2 - Stored XSS via CSRF
Published
2025-12-16
Title
Download Plugins and Themes from Dashboard < 1.9.7 - Cross-Site Request Forgery to Bulk Plugin/Theme Archival
Published
2024-12-05
Title
eewee admin custom <= 1.8.2.4 - Cross-Site Request Forgery to Privilege Escalation
Published
2021-08-25
Title
Nested Pages < 3.1.16 - CSRF to Arbitrary Post Deletion and Modification