Unrated severityNVD Advisory· Published Dec 31, 2014· Updated Jun 17, 2026
CVE-2014-9401
CVE-2014-9401
Description
Cross-site request forgery (CSRF) vulnerability in the WP Limit Posts Automatically plugin 0.7 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the lpa_post_letters parameter in the wp-limit-posts-automatically.php page to wp-admin/options-general.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:wp_limit_posts_automatically_project:wp_limit_posts_automatically:*:*:*:*:*:wordpress:*:*Range: <=0.7
- Range: <=0.7
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.