WordPress Plugin Xhanch My Twitter - Cross-Site Request Forgery

EDB-ID:

39303

CVE:

N/A




Platform:

PHP

Date:

2014-09-08


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/69744/info

Xhanch My Twitter plugin for WordPress is prone to a cross-site request-forgery vulnerability.

An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.

Xhanch My Twitter 2.7.7 is vulnerable; other versions may also be affected. 

http://www.example.com/wordpress/?xmt_Primary_twt_id=508351521810300928