ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Occasions Plugin - Cross Site Request Forgery Vulnerability

Product
Occasions
Description
This WordPress Occasions plugin is prone to a cross-site request-forgery vulnerability because of failure to properly validate HTTP requests. It allows an attacker to perform unauthorized actions and gain access to the affected application.
Solution
Update the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.4
Fixed In 1.0.5
Disclosure date
2013-03-19
Credits
m3tamantra