ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Xhanch My Twitter Plugin <= 2.7.6 - CSRF

Product
Xhanch My Twitter
Description
Because of this vulnerability in admin/setting.php, the attackers can hijack the authentication of administrators for requests that change unspecified settings.
Solution
Update the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
CVE Mitre
CVE
Name CVE-2013-3253
Versions
Affected In <= 2.7.6
Fixed In 2.7.7
Disclosure date
2013-04-22