ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 2.6.3 - Cross Site Request Forgery

Product
WordPress
Description
Because of this vulnerability, the attackers can conduct delayed and persistent cross-site request forgery attacks via crafted cookies.
Solution
Update WordPress.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
CVE Mitre
CVE
Name CVE-2008-5113
Versions
Affected In <= 2.6.3
Fixed In 2.6.4
Disclosure date
2008-11-17
Credits
Raphael Geissert