AskarLabs AskarLabs
Home

CMS Security

vs vScan Continuous CMS vulnerability scanning wa WP-Audit Wordpress Security Audit Tool

Identity & Access

pl PasswordLab Self-hosted password manager for business
Docs

Browse

all All CVEs Full database, no filters wp WooCommerce CVEs Plugins wp Elementor CVEs Plugins

By Platform

wp WordPress CVEs Plugins, themes & core jm Joomla CVEs Extensions & core dr Drupal CVEs Modules & core
Talk to us
Home / CVE Database / CVE-2016-3098
CVE-2016-3098

CVE-2016-3098

Vendor N/A
Product administrate
Weakness CWE-352 · CSRF
Published August 5, 2022
Last update August 5, 2024
View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code.

Key dates

02Disclosure timeline

August 5, 2022 CVE published
August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2016-3098 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2024-8795 BA Book Everything <= 1.6.20 - Cross-Site Request Forgery to Email Address Update/Account Takeover CVE-2024-37451 WordPress Travel Agency theme <= 1.4.9 - Cross Site Request Forgery (CSRF) vulnerability CVE-2026-9730 Remove NoFollow Commenter URL <= 1.0 - Cross-Site Request Forgery to Settings Update CVE-2023-49153 WordPress Add to Cart Text Changer and Customize Button, Add Custom Icon Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2026-40948 Apache Airflow Providers Keycloak: OAuth Login CSRF — Missing State Parameter in Keycloak Auth Manager

Identifiers

CVE CVE-2016-3098
CWE CWE-352

Affected versions

Vendor N/A
Product administrate
Affected 0.1.4
ASKARLABS
AskarLabs

We build essential tools for the teams keeping things running - quiet, honest software for the sites you ship and the secrets your team types every day.

CMS Security

  • vScan
  • WP-Audit

Identity & Access

  • PasswordLab
  • Features
  • Pricing
  • Free license

Resources

  • Docs
  • CVE Database
  • WordPress CVEs
  • Joomla CVEs
  • Drupal CVEs

Company

  • Contact
  • Security

Legal

  • Privacy
  • Terms
  • Cookies
  • GDPR
© 2026 AskarLabs. All trademarks are the property of their respective owners.
AskarLabs
CMS Security
vScan WP Audit
Identity & Access
PasswordLab Docs
CVE Database
All CVEs WordPress CVEs Joomla CVEs Drupal CVEs Talk to us