Vulnerabilities > Twitter Liveblog Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-31 | CVE-2014-9398 | Cross-Site Request Forgery (CSRF) vulnerability in Twitter Liveblog Project Twitter Liveblog 1.1.2 Cross-site request forgery (CSRF) vulnerability in the Twitter LiveBlog plugin 1.1.2 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the mashtlb_twitter_username parameter in the twitter-liveblog.php page to wp-admin/options-general.php. | 6.8 |