ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Sexy Add Template Plugin - Cross Site Request Forgery

Product
Sexy Add Template
Description
Sexy Add Template plugin is prone to a cross-site request forgery vulnerability because the application fails to properly validate HTTP requests. It allows an attacker to gain unauthorized access to the affected application by performing certain actions in the context of an authorized user's session.
Solution
Update the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0
Fixed In 1.1
Disclosure date
2012-09-22
Credits
the_cyber_nuxbie