WordPress Plugin Vulnerabilities

Quick Post Widget 1.9.1 - Multiple Function CSRF

Description

The quick-post-widget WordPress plugin was affected by a Multiple Function CSRF security vulnerability.

Affects Plugins

Plugin icon
quick-post-widget
No known fix

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
6ffd97b4-b5b9-41cb-a864-519221c52337

Timeline

Publicly Published
2014-08-27 (about 11 years ago)
Added
2014-08-27 (about 11 years ago)
Last Updated
2015-05-15 (about 10 years ago)

Other

Published
Title
Published
2025-05-07
Title
Wiki Embed < 1.4.7 - Cross-Site Request Forgery
Published
2025-06-05
Title
WP Media File Type Manager <= 2.3.1 - Settings Update via CSRF
Published
2025-03-24
Title
AlphaOmega Captcha & Anti-Spam Filter <= 3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2023-10-17
Title
Stripe Gateway < 7.6.1 - Cross-Site Request Forgery
Published
2023-12-27
Title
Job Manager & Career – Manage job board listings, and recruitments < 1.4.5 - Cross-Site Request Forgery to PHP Object Injection