CVE-2018-1000505

Tooltipy (tooltips for WP) version 5 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in could allow anybody to duplicate posts. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1.
References
Link Resource
https://advisories.dxw.com/advisories/csrf-in-tooltipy/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:tooltipy:tooltipy:5.0:*:*:*:*:wordpress:*:*

Information

Published : 2018-06-26 04:29

Updated : 2018-08-30 05:32


NVD link : CVE-2018-1000505

Mitre link : CVE-2018-1000505

Products Affected
No products.
CWE