CVE-2013-2700
Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0025 (0.3%)
Percentil: 48.3%
EPSS: 2026-05-06
Afecta
webmaster-source:wp125Descripción técnica
Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors.
Publicada: 14/5/2014, 19:55:08
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://osvdb.org/92113
- http://secunia.com/advisories/52876
- http://wordpress.org/plugins/wp125/changelog
- https://plugins.trac.wordpress.org/changeset/692721
- http://osvdb.org/92113
- http://secunia.com/advisories/52876
- http://wordpress.org/plugins/wp125/changelog
- https://plugins.trac.wordpress.org/changeset/692721