WordPress Plugin Vulnerabilities

Admin Renamer Extender <= 3.2.1 - CSRF

Description

CSRF leading to arbitrary username change.

Affects Plugins

Plugin icon
admin-renamer-extended
No known fix

References

CVE
CVE-2019-14680

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
5.7 (medium)

Miscellaneous

Verified
No
WPVDB ID
aa95d8ba-6c73-4465-95aa-f2494f3d6b30

Timeline

Publicly Published
2019-06-24 (about 6 years ago)
Added
2019-08-21 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-02-03
Title
Quote Comments <= 3.0.0 - Stored XSS via CSRF
Published
2025-04-09
Title
Comment Validation Reloaded <= 0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-07-20
Title
Shortcodes Ultimate < 7.4.3 - Arbitrary Shortcode Execution via CSRF
Published
2023-02-28
Title
WoodMart < 7.1.2 - License Update/Deactivation via CSRF
Published
2024-12-12
Title
Wp Login with Ajax <= 0.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting