Back
WordPress Related Posts Plugin <= 2.7.1 - CSRF
- Product
- Related Posts
- Description
- Because of this vulnerability, the attackers can hijack the authentication of users for requests that modify settings via unspecified vectors.
- Solution
- Update the plugin.
- Classification
-
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
- References
-
CVE Mitre
- CVE
- Name CVE-2013-3257
- Versions
-
Affected In
<= 2.7.1
Fixed In 2.7.2
- Disclosure date
- 2013-04-22
- Credits
- Charlie Eriksen