Cross-Site Request Forgery Vulnerability in underConstruction Plugin for WordPress
CVE-2013-2699

Currently unrated

Key Information:

Vendor

Wordpress
Status
Underconstruction
Vendor
CVE Published:
10 April 2014

What is CVE-2013-2699?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the underConstruction plugin for WordPress, specifically in versions prior to 1.09. This flaw allows remote attackers to exploit the authentication of administrators, enabling them to send requests that can deactivate the plugin without the administrators' consent. The attack leverages unspecified vectors, posing a significant risk to website integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/93857
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/52881
third-party-advisoryx_refsource_SECUNIA
http://wordpress.org/plugins/underconstruction/changelog
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.