Cross-Site Request Forgery Vulnerability in Contextual Related Posts for WordPress
CVE-2013-2710

Currently unrated

Key Information:

Vendor: Wordpress
Status: Contextual Related Posts
Vendor: CVE Published:; 2 June 2014

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Contextual Related Posts plugin for WordPress before version 1.8.7. This security flaw allows remote attackers to exploit the plugin to hijack the authentication of the administrators. Through this vulnerability, attackers could execute harmful requests that may lead to Cross-Site Scripting (XSS) attacks via unspecified vectors. It highlights the importance of keeping plugins updated to safeguard web applications against unauthorized access and data compromise.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84100

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/59733

vdb-entryx_refsource_BID

http://secunia.com/advisories/52960

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 2, 2014
Vulnerability Reserved
Mar 26, 2013