CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-9099

Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the whydowork_adsense page in wp-admin/options-general.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.4%

CVSS Severity

CVSS v2 Score 6.8

References

http://packetstormsecurity.com/files/127658/WordPress-WhyDoWork-AdSense-1.2-XSS-CSRF.html
http://www.securityfocus.com/bid/68954
http://packetstormsecurity.com/files/127658/WordPress-WhyDoWork-AdSense-1.2-XSS-CSRF.html
http://www.securityfocus.com/bid/68954

Products affected by CVE-2014-9099

Whydowork Adsense Project » Whydowork Adsense » Version: 1.2

cpe:2.3:a:whydowork_adsense_project:whydowork_adsense:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-9099

Products

Pricing

Contact Us