WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2011-08-10 14:55
Updated : 2017-08-28 18:30
NVD link : CVE-2011-3127
Mitre link : CVE-2011-3127
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
wordpress
- wordpress