CVE-2011-3127

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*

Information

Published : 2011-08-10 14:55

Updated : 2017-08-28 18:30


NVD link : CVE-2011-3127

Mitre link : CVE-2011-3127


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

wordpress

  • wordpress