CVE-2017-8875
NONE EPSS 45.1%
Published May 10, 20179y ago ยท Modified Jun 17, 20262w ago
Published May 10, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL.
Threat Intelligence
EPSS Exploit Probability
45.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-352 Cross-Site Request Forgery (CSRF) Authentication
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| codection | clean_login | 1.7.12 | any |
References 2
- seclists.org http://seclists.org/fulldisclosure/2017/May/23
- wordpress.org https://wordpress.org/plugins/clean-login/#developers
Remediation
- seclists.org http://seclists.org/fulldisclosure/2017/May/23