WordPress Maintenance Mode Plugin <= 1.8.7 - CSRF
- Product
- Maintenance Mode
- Description
- Because of this vulnerability, the attackers can hijack the authentication of arbitrary users for requests that modify this plugin's settings.
- Solution
- Update the plugin.
- Classification
-
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF) - References
-
CVE Mitre
- CVE
- Name CVE-2013-3250
- Versions
-
Affected In
<= 1.8.7
Fixed In 1.8.8 - Disclosure date
- 2013-04-22