CVE-2014-3850

Member Approval 131109 - Cross-Site Request Forgery via wp-admin/options-general.php

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the Member Approval plugin 131109 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings to their default and disable registration approval via a request to wp-admin/options-general.php.

References (2)

Core 2

Scores

EPSS 0.0102
EPSS Percentile 59.4%

Details

CWE
CWE-352
Status published
Products (1)
member_approval_plugin_project/member_approval 131109
Published Jun 11, 2014
Tracked Since Feb 18, 2026