Cross-Site Request Forgery Vulnerability in Mingle Forum Plugin for WordPress
CVE-2013-0736
Currently unrated
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities exist in the Mingle Forum plugin versions 1.0.34 and earlier for WordPress. These vulnerabilities enable remote attackers to hijack the authentication of administrators, potentially allowing unauthorized modifications to user privileges or performing cross-site scripting (XSS) attacks through various unspecified vectors. Proper security measures should be taken to mitigate these risks.
References
Timeline
Vulnerability Reserved
Vulnerability published