CVE-2011-5226
Sentinel 1.0.0 - Cross-Site Request Forgery via Snapshot Trigger
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to hijack the authentication of an administrator for requests that trigger snapshots.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/51089
Product x_refsource_confirm
http://wordpress.org/extend/plugins/wordpress-sentinel/changelog/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/77778
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71857
Vendor Advisory x_refsource_misc
http://www.boiteaweb.fr/wordpress-sentinel-v1-0-0-3104.html
Product x_refsource_confirm
http://plugins.trac.wordpress.org/changeset?reponame=&new=475315%40wordpress-sentinel&old=474998%40wordpress-sentinel
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/47020
Scores
EPSS
0.0122
EPSS Percentile
65.1%
Details
CWE
CWE-352
Status
published
Products (1)
trioniclabs/sentinel
1.0.0
Published
Oct 25, 2012
Tracked Since
Feb 18, 2026