CVE-2013-2700

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP125
Vendor: CVE Published:; 14 May 2014

Summary

Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.

References

http://osvdb.org/92113

vdb-entryx_refsource_OSVDB

http://wordpress.org/plugins/wp125/changelog

x_refsource_CONFIRM

https://plugins.trac.wordpress.org/changeset/692721

x_refsource_CONFIRM

Timeline

Vulnerability published
May 14, 2014
Vulnerability Reserved
Mar 26, 2013