ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Blue Wrench Video Widget Plugin - Cross Site Request Forgery

Product
Blue Wrench Video Widget
Description
WordPress Blue Wrench Video Widget plugin is prone to a cross-site request forgery vulnerability. It allows an attacker to gain unauthorized access to the affected application by performing certain actions in the context of an authorized user's session.
Solution
Upgrade the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Exploit-DB
CVE
Name CVE-2013-6797
Versions
Affected In <= 1.0.2
Fixed In 1.0.3
Disclosure date
2013-11-23
Credits
Haider Mahmood