WordPress Server Side Request Forgery Security Bypass Vulnerability

Bugtraq ID: 71234
Class: Design Error
CVE: CVE-2014-9038
Remote: Yes
Local: No
Published: Nov 21 2014 12:00AM
Updated: Apr 13 2015 08:14PM
Credit: Ben Bidner (vortfu)
Vulnerable: WordPress WordPress 3.3.2
WordPress WordPress 3.2.2
WordPress WordPress 3.1.4
WordPress WordPress 3.1.3
WordPress WordPress 3.1.2
WordPress WordPress 3.1.1
WordPress WordPress 3.0.5
WordPress WordPress 3.0.4
WordPress WordPress 3.0.3
WordPress WordPress 3.0.2
WordPress WordPress 2.9.2
WordPress WordPress 2.9.1
WordPress WordPress 2.8.6
WordPress WordPress 2.8.5
WordPress WordPress 2.8.4
WordPress WordPress 2.8.3
WordPress WordPress 2.8.2
WordPress WordPress 2.8.1
WordPress WordPress 2.6.5
WordPress WordPress 2.6.2
WordPress WordPress 2.6.1
WordPress WordPress 2.5.1
WordPress WordPress 2.3.3
WordPress WordPress 2.3.2
WordPress WordPress 2.3.1
WordPress WordPress 2.2.3
WordPress WordPress 2.2.2
WordPress WordPress 2.2.1
WordPress WordPress 2.1.3
WordPress WordPress 2.1.2
WordPress WordPress 2.1.1
WordPress WordPress 2.0.11
WordPress WordPress 2.0.10
WordPress WordPress 2.0.7
WordPress WordPress 2.0.6
WordPress WordPress 2.0.5
WordPress WordPress 2.0.4
WordPress WordPress 2.0.3
WordPress WordPress 2.0.2
WordPress WordPress 2.0.1
WordPress WordPress 2.0
WordPress WordPress 1.5.2
WordPress WordPress 1.5.1
WordPress WordPress 1.5
WordPress WordPress 1.3.1
WordPress WordPress 1.2.2
WordPress WordPress 1.2.1
WordPress WordPress 1.2
+ Gentoo Linux 1.4
+ Gentoo Linux
WordPress WordPress 3.3.1
WordPress WordPress 3.3
WordPress WordPress 3.1
WordPress WordPress 3.0.6
WordPress WordPress 3.0.1
WordPress WordPress 2.9.1.1
WordPress WordPress 2.9
WordPress WordPress 2.8.5.2
WordPress WordPress 2.8.5.1
WordPress WordPress 2.8
WordPress WordPress 2.7.1
WordPress WordPress 2.7
WordPress WordPress 2.6.3
WordPress WordPress 2.6
WordPress WordPress 2.5
WordPress WordPress 2.3
WordPress WordPress 2.2
WordPress WordPress 2.1
WordPress WordPress 2.0.9
WordPress WordPress 2.0.8
WordPress WordPress 1.5.1.1
WordPress WordPress 1.5
WordPress WordPress 1.3.3
WordPress WordPress 1.3.2
WordPress WordPress 1.3
WordPress WordPress 1.2.5 A
WordPress WordPress 1.2.5
WordPress WordPress 1.2.4
WordPress WordPress 1.2.3
WordPress WordPress 1.1.1
WordPress WordPress 1.0.2
WordPress WordPress 1.0.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus