The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2014-05-22 08:13
Updated : 2014-06-27 09:52
NVD link : CVE-2014-3844
Mitre link : CVE-2014-3844
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
tinymce
- color_picker
wordpress
- wordpress