CVE-2013-2697

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP-downloadmanager
Vendor: CVE Published:; 19 April 2013

Summary

Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

http://secunia.com/advisories/52863

third-party-advisoryx_refsource_SECUNIA

http://wordpress.org/extend/plugins/wp-downloadmanager/ch...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 19, 2013