CSRF Vulnerability in WP Maintenance Mode Plugin Allows Arbitrary User Hijacking

CSRF Vulnerability in WP Maintenance Mode Plugin Allows Arbitrary User Hijacking

CVE-2013-3250 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.

Learn more about our Wordpress Pen Testing.