Vulnerability title: Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities vulnerabilities Author: Pietro Oliva CVE: CVE-2014-7956, CVE-2014-7957 Product: pods Affected version: pods <= 2.4.3 Vulnerabilities fixed in version: 2.5 XSS vulnerability (CVE-2014-7956, authentication is needed): http://localhost/wp-admin/admin.php?page=pods&action=edit&id=4">