Skip to content

CVE-2014-2340

Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php.

View on NVD

Severity

N/A

EPSS

Probability of exploitation (next 30 days): 0.0144 (1.4%)
Percentile: 80.8%
EPSS: 2026-05-06

Affects

xcloner:xcloner

Technical description

Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php.

Published: 4/3/2014, 4:15:44 PM
Last modified: 5/6/2026, 10:30:45 PM

References

HomeEventsBlogResourcesTeam