WordPress Maintenance Mode Plugin <= 1.8.7

Back

WordPress Maintenance Mode Plugin <= 1.8.7 - CSRF

Product: Maintenance Mode
Description: Because of this vulnerability, the attackers can hijack the authentication of arbitrary users for requests that modify this plugin's settings.
Solution: Update the plugin.
Classification: Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References: CVE Mitre
CVE: Name CVE-2013-3250
Versions: Affected In <= 1.8.7
Fixed In 1.8.8
Disclosure date: 2013-04-22