Vulnerabilities > DVS Custom Notification Project > DVS Custom Notification > 1.0.1

DATE	CVE	VULNERABILITY TITLE	RISK
2014-04-10	CVE-2012-4921	Cross-Site Request Forgery (CSRF) vulnerability in DVS Custom Notification Project DVS Custom Notification 1.0.1 Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct cross-site scripting (XSS) attacks. network dvs-custom-notification-project CWE-352	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.