CVE-2013-3252 – WP-PostViews < 1.63 - Cross-Site Request Forgery

https://notcve.org/view.php?id=CVE-2013-3252

Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. Vulnerabilidad de CSRF en el plugin qTranslate 2.5.34 y anteriores para WordPress permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que cambian configuraciones de plugins a través de vectores no especificados. • http://osvdb.org/93096 http://secunia.com/advisories/53127 http://wordpress.org/plugins/wp-postviews/changelog • CWE-352: Cross-Site Request Forgery (CSRF) •