cleantalk
Vulnerabilities and Security Researches

MathJax-LaTeX, dc58a5e8913fe3e0530789dbb21e0998a8536ee4

CVE, Research URL

dc58a5e8913fe3e0530789dbb21e0998a8536ee4

Home page URL

Security reports for MathJax-LaTeX

Application

MathJax-LaTeX

Published on
Mar 25, 2013
Research Description
MathJax-LaTeX [mathjax-latex] < 1.2 MathJax-LaTeX < 1.2 - Cross-Site Request Forgery The MathJax LaTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions before 1.2. This is due to missing or incorrect nonce validation on the mathjax_plugin_options function. This may make it possible for unauthenticated attackers to arbitrarily change plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
max 1.2.
Status
vulnerable
Previous vulnerability researches
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2018-12636) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2012-4264) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2020-36176) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2012-4263) , Jun 07, 2024
Solid Security – Password, Two Factor Authentication, and Brute Force Protection (CVE-2018-7433) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026