WordPress Vulnerabilities

WordPress <= 4.0 - CSRF in wp-login.php Password Reset

Description

WordPress 4.0.1 adds a CSRF token called 'rp_key' to the password reset form on wp-login.php. Prior versions are vulnerable to CSRF.

Affects WordPress

4.0
Fixed in WordPress 4.0.1
3.9.2
Fixed in WordPress 4.0.1
3.8.4
Fixed in WordPress 4.0.1
3.7.4
Fixed in WordPress 4.0.1

References

CVE
CVE-2014-9033
URL
https://core.trac.wordpress.org/changeset/30418

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
1caaf023-9b9a-4798-ac7b-c04f95245fcc

Timeline

Publicly Published
2014-11-25 (about 9 years ago)
Added
2014-11-25 (about 9 years ago)
Last Updated
2019-10-21 (about 4 years ago)

Other

Published
Title
Published
2022-09-14
Title
Multiple Plugins from Viszt Peter - Multiple CSRF
Published
2022-05-23
Title
Static Page eXtended <= 2.1 - Arbitrary Settings Update via CSRF to Stored XSS
Published
2023-10-26
Title
Original texts Yandex WebMaster <= 1.18 - Cross-Site Request Forgery
Published
2014-07-26
Title
Brute Force Login Protection <= 1.5.3 - Arbitrary IP Removal/Add via CSRF
Published
2022-02-14
Title
WP-Matomo Integration (WP-Piwik) < 1.0.27 - Plugin Settings Reset via CSRF