CVE-2013-3250

Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:*:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wp_maintenance_mode_plugin:1.8.0:*:*:*:*:*:*:*

Information

Published : 2013-06-21 13:55

Updated : 2013-06-23 21:00


NVD link : CVE-2013-3250

Mitre link : CVE-2013-3250


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

wordpress

  • wp_maintenance_mode_plugin