CVE-2011-5226

EUVD-2011-5126
Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to hijack the authentication of an administrator for requests that trigger snapshots.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
trioniclabssentinel
1.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/77778
http://plugins.trac.wordpress.org/changeset?reponame=&new=475315%40wordpress-sentinel&old=474998%40wordpress-sentinel
http://secunia.com/advisories/47020
http://wordpress.org/extend/plugins/wordpress-sentinel/changelog/
http://www.boiteaweb.fr/wordpress-sentinel-v1-0-0-3104.html
http://www.securityfocus.com/bid/51089
https://exchange.xforce.ibmcloud.com/vulnerabilities/71857
http://osvdb.org/77778
http://plugins.trac.wordpress.org/changeset?reponame=&new=475315%40wordpress-sentinel&old=474998%40wordpress-sentinel
http://secunia.com/advisories/47020
http://wordpress.org/extend/plugins/wordpress-sentinel/changelog/
http://www.boiteaweb.fr/wordpress-sentinel-v1-0-0-3104.html
http://www.securityfocus.com/bid/51089
https://exchange.xforce.ibmcloud.com/vulnerabilities/71857