CSRF Vulnerability in Dropdown Menu Widget for WordPress by WordPress
CVE-2013-2704

Currently unrated

Key Information:

Vendor: Wordpress
Status: Dropdown Menu Widget
Vendor: CVE Published:; 12 July 2013

What is CVE-2013-2704?

The Dropdown Menu Widget plugin for WordPress version 1.9.1 contains a cross-site request forgery (CSRF) vulnerability that allows remote attackers to exploit user authentication. By tricking authenticated users into submitting a crafted request, an attacker could inadvertently execute unauthorized actions on behalf of the user. This flaw enables potential malicious input, such as cross-site scripting (XSS) sequences, compromising the security of the application and affecting user data integrity. Users are advised to implement security best practices, such as updating to the latest version and employing proper access controls.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://wordpress.org/plugins/dropdown-menu-widget/changelog/

x_refsource_MISC

http://secunia.com/advisories/52958

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 12, 2013

JSON

Wordpress

What is CVE-2013-2704?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.