CVE-2013-2699

Currently unrated

Key Information:

Vendor: Wordpress
Status: Underconstruction
Vendor: CVE Published:; 10 April 2014

Summary

Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for WordPress allows remote attackers to hijack the authentication of administrators for requests that deactivate a plugin via unspecified vectors.

References

http://osvdb.org/93857

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/52881

third-party-advisoryx_refsource_SECUNIA

http://wordpress.org/plugins/underconstruction/changelog

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 10, 2014
Vulnerability Reserved
Mar 26, 2013