CVE-2017-8875

NONE EPSS 45.1%
Published May 10, 20179y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published May 10, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL.

Threat Intelligence

EPSS Exploit Probability
45.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-352 Cross-Site Request Forgery (CSRF) Authentication

Affected Products 1

VendorProductVersionRange
codectionclean_login1.7.12any

References 2

  • seclists.org http://seclists.org/fulldisclosure/2017/May/23
    ExploitMailing ListPatchThird Party Advisory
  • wordpress.org https://wordpress.org/plugins/clean-login/#developers
    Release NotesVendor Advisory

Remediation

  • seclists.org http://seclists.org/fulldisclosure/2017/May/23
    ExploitMailing ListPatchThird Party Advisory