ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Event Easy Calendar Plugin - Multiple Cross Site Request Forgery

Product
Event Easy Calendar
Description
Event Easy Calendar plugin is prone to multiple CSRF vulnerabilities that allow to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible.
Solution
Upgrate the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.0
Fixed In 1.0.1
Disclosure date
2013-09-07
Credits
anonymous