ThreatPress

WordPress Vulnerabilities Database


WordPress Related Posts Plugin <= 1.0 - Multiple CSRF and XSS

Product
Related Posts
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp-relatedposts.php allow attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences.
Solution
Update the plugin.
Classification
Type: Multi
References
CVE Mitre
CVE
Name: CVE-2011-0760
Versions
Affected In: <= 1.0
Fixed In: 1.1
Disclosure date
2011-02-03
Credits
Gabriel Quadros