CVE-2013-3250
WP Maintenance Mode Plugin < 1.8.8 - Cross-Site Request Forgery
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
References (2)
Core 2
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/53125
Product x_refsource_confirm
http://wordpress.org/plugins/wp-maintenance-mode/changelog/
Scores
EPSS
0.0009
EPSS Percentile
25.9%
Details
CWE
CWE-352
Status
published
Products (8)
wordpress/wp_maintenance_mode_plugin
1.8.0
wordpress/wp_maintenance_mode_plugin
1.8.1
wordpress/wp_maintenance_mode_plugin
1.8.2
wordpress/wp_maintenance_mode_plugin
1.8.3
wordpress/wp_maintenance_mode_plugin
1.8.4
wordpress/wp_maintenance_mode_plugin
1.8.5
wordpress/wp_maintenance_mode_plugin
1.8.6
wordpress/wp_maintenance_mode_plugin
< 1.8.7
Published
Jun 21, 2013
Tracked Since
Feb 18, 2026